diff --git a/userfront/lib/features/auth/presentation/approve_qr_screen.dart b/userfront/lib/features/auth/presentation/approve_qr_screen.dart index 78c97aa2..de27eaef 100644 --- a/userfront/lib/features/auth/presentation/approve_qr_screen.dart +++ b/userfront/lib/features/auth/presentation/approve_qr_screen.dart @@ -3,6 +3,7 @@ import 'package:go_router/go_router.dart'; import '../../../../core/i18n/locale_utils.dart'; import '../../../../core/services/auth_proxy_service.dart'; import '../../../../core/services/auth_token_store.dart'; +import '../../../../core/services/web_window.dart'; class ApproveQrScreen extends StatefulWidget { final String? pendingRef; @@ -60,7 +61,7 @@ class _ApproveQrScreenState extends State { WidgetsBinding.instance.addPostFrameCallback((_) { if (!mounted) return; final target = buildLocalizedSigninPath(Uri.base); - context.go('$target?notice=qr_login_required'); + webWindow.redirectTo('$target?notice=qr_login_required'); }); } } @@ -102,7 +103,7 @@ class _ApproveQrScreenState extends State { if (storedToken == null && !hasCookie) { if (mounted) { final target = buildLocalizedSigninPath(Uri.base); - context.go('$target?notice=qr_login_required'); + webWindow.redirectTo('$target?notice=qr_login_required'); } return; } diff --git a/userfront/lib/main.dart b/userfront/lib/main.dart index 1a540f24..55407814 100644 --- a/userfront/lib/main.dart +++ b/userfront/lib/main.dart @@ -53,6 +53,20 @@ Map? _decodeErrorDetails(String? raw) { return null; } +bool _hasActiveLocalSession() { + final token = AuthTokenStore.getToken(); + return (token != null && token.isNotEmpty) || AuthTokenStore.usesCookie(); +} + +String? _redirectPrivateLocaleRoute(GoRouterState state) { + if (_hasActiveLocalSession()) { + return null; + } + final localeCode = + extractLocaleFromPath(state.uri) ?? resolvePreferredLocaleCode(); + return buildSigninRedirectPath(localeCode, state.uri); +} + void _attemptRecoveryFromNullCheck({ required Object exception, StackTrace? stackTrace, @@ -254,6 +268,7 @@ final _router = GoRouter( routes: [ GoRoute( path: 'dashboard', + redirect: (context, state) => _redirectPrivateLocaleRoute(state), builder: (context, state) { return ScopedTheme( controller: ThemeController.app, @@ -263,6 +278,7 @@ final _router = GoRouter( ), GoRoute( path: 'profile', + redirect: (context, state) => _redirectPrivateLocaleRoute(state), builder: (context, state) => ScopedTheme( controller: ThemeController.app, child: const ProfilePage(), @@ -422,6 +438,19 @@ final _router = GoRouter( ), GoRoute( path: 'approve', + redirect: (context, state) { + final token = AuthTokenStore.getToken(); + final isLoggedIn = + (token != null && token.isNotEmpty) || + AuthTokenStore.usesCookie(); + if (isLoggedIn) { + return null; + } + final localeCode = + extractLocaleFromPath(state.uri) ?? + resolvePreferredLocaleCode(); + return '/$localeCode/signin?notice=qr_login_required'; + }, builder: (context, state) => ScopedTheme( controller: ThemeController.auth, child: ApproveQrScreen( @@ -431,6 +460,17 @@ final _router = GoRouter( ), GoRoute( path: 'ql/:ref', + redirect: (context, state) { + final localeCode = + extractLocaleFromPath(state.uri) ?? + resolvePreferredLocaleCode(); + final pendingRef = state.pathParameters['ref']; + if (pendingRef == null || pendingRef.isEmpty) { + return '/$localeCode/approve'; + } + final encodedRef = Uri.encodeQueryComponent(pendingRef); + return '/$localeCode/approve?ref=$encodedRef'; + }, builder: (context, state) => ScopedTheme( controller: ThemeController.auth, child: ApproveQrScreen(pendingRef: state.pathParameters['ref']), @@ -438,6 +478,7 @@ final _router = GoRouter( ), GoRoute( path: 'scan', + redirect: (context, state) => _redirectPrivateLocaleRoute(state), builder: (context, state) => ScopedTheme( controller: ThemeController.auth, child: const QRScanScreen(), @@ -445,6 +486,7 @@ final _router = GoRouter( ), GoRoute( path: 'admin/users', + redirect: (context, state) => _redirectPrivateLocaleRoute(state), builder: (context, state) => ScopedTheme( controller: ThemeController.app, child: const UserManagementScreen(), @@ -568,11 +610,15 @@ class _LocaleEntryRedirectScreenState extends State { if (!mounted || _redirected) { return; } + + // This parent route is also built for nested locale routes, so only + // redirect when the current location is exactly `/{locale}`. + if (stripLocalePath(Uri.base) != '/') { + return; + } + _redirected = true; - final token = AuthTokenStore.getToken(); - final isLoggedIn = - (token != null && token.isNotEmpty) || AuthTokenStore.usesCookie(); - if (!isLoggedIn) { + if (!_hasActiveLocalSession()) { context.go('/${widget.localeCode}/signin'); return; } diff --git a/userfront/pubspec.lock b/userfront/pubspec.lock index 5a7fb7b9..238c821f 100644 --- a/userfront/pubspec.lock +++ b/userfront/pubspec.lock @@ -45,10 +45,10 @@ packages: dependency: transitive description: name: characters - sha256: faf38497bda5ead2a8c7615f4f7939df04333478bf32e4173fcb06d428b5716b + sha256: f71061c654a3380576a52b451dd5532377954cf9dbd272a78fc8479606670803 url: "https://pub.dev" source: hosted - version: "1.4.1" + version: "1.4.0" cli_config: dependency: transitive description: @@ -276,6 +276,14 @@ packages: url: "https://pub.dev" source: hosted version: "1.0.5" + js: + dependency: transitive + description: + name: js + sha256: "53385261521cc4a0c4658fd0ad07a7d14591cf8fc33abbceae306ddb974888dc" + url: "https://pub.dev" + source: hosted + version: "0.7.2" leak_tracker: dependency: transitive description: @@ -328,18 +336,18 @@ packages: dependency: transitive description: name: matcher - sha256: dc0b7dc7651697ea4ff3e69ef44b0407ea32c487a39fff6a4004fa585e901861 + sha256: dc58c723c3c24bf8d3e2d3ad3f2f9d7bd9cf43ec6feaa64181775e60190153f2 url: "https://pub.dev" source: hosted - version: "0.12.19" + version: "0.12.17" material_color_utilities: dependency: transitive description: name: material_color_utilities - sha256: "9c337007e82b1889149c82ed242ed1cb24a66044e30979c44912381e9be4c48b" + sha256: f7142bb1154231d7ea5f96bc7bde4bda2a0945d2806bb11670e30b850d56bdec url: "https://pub.dev" source: hosted - version: "0.13.0" + version: "0.11.1" meta: dependency: transitive description: @@ -661,26 +669,26 @@ packages: dependency: transitive description: name: test - sha256: "280d6d890011ca966ad08df7e8a4ddfab0fb3aa49f96ed6de56e3521347a9ae7" + sha256: "75906bf273541b676716d1ca7627a17e4c4070a3a16272b7a3dc7da3b9f3f6b7" url: "https://pub.dev" source: hosted - version: "1.30.0" + version: "1.26.3" test_api: dependency: transitive description: name: test_api - sha256: "8161c84903fd860b26bfdefb7963b3f0b68fee7adea0f59ef805ecca346f0c7a" + sha256: ab2726c1a94d3176a45960b6234466ec367179b87dd74f1611adb1f3b5fb9d55 url: "https://pub.dev" source: hosted - version: "0.7.10" + version: "0.7.7" test_core: dependency: transitive description: name: test_core - sha256: "0381bd1585d1a924763c308100f2138205252fb90c9d4eeaf28489ee65ccde51" + sha256: "0cc24b5ff94b38d2ae73e1eb43cc302b77964fbf67abad1e296025b78deb53d0" url: "https://pub.dev" source: hosted - version: "0.6.16" + version: "0.6.12" toml: dependency: "direct main" description: