From 08d86cbd24c1efad64e83b0cae739f99e3050084 Mon Sep 17 00:00:00 2001 From: Ben McCallum Date: Wed, 11 Apr 2018 06:57:03 +0200 Subject: [PATCH] fix: don't redirect callback to login when using 'auth' globally (#131) Also, if dev has disabled redirect (all or callback/login), supported according to the options documentation, don't let that affect the middleware here. --- lib/core/middleware.js | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/core/middleware.js b/lib/core/middleware.js index e3c1cd80d..8b5306abd 100644 --- a/lib/core/middleware.js +++ b/lib/core/middleware.js @@ -14,17 +14,21 @@ Middleware.auth = function (ctx) { return } - const { login } = ctx.app.$auth.options.redirect + const { login, callback } = ctx.app.$auth.options.redirect if (ctx.app.$auth.$state.loggedIn) { // -- Authorized -- - // Redirect to home page if inside login page - if (login && ctx.route.path === login.split('?')[0]) { + // Redirect to home page if inside login page (or login page disabled) + if (!login || ctx.route.path === login.split('?')[0]) { ctx.app.$auth.redirect('home') } } else { // -- Guest -- - // Redirect to login path if not authorized - ctx.app.$auth.redirect('login') + // Redirect to login page if not authorized and not inside callback page + // (Those passing `callback` at runtime need to mark their callback component + // with `auth: false` to avoid an unnecessary redirect from callback to login) + if (!callback || ctx.route.path !== callback.split('?')[0]) { + ctx.app.$auth.redirect('login') + } } }