forked from baron/baron-sso
57 lines
1.8 KiB
TypeScript
57 lines
1.8 KiB
TypeScript
import { useAuth } from "react-oidc-context";
|
|
import { Navigate, Outlet } from "react-router-dom";
|
|
import { t } from "../../lib/i18n";
|
|
import { resolveProfileRole } from "../../lib/role";
|
|
|
|
export default function AuthGuard() {
|
|
const auth = useAuth();
|
|
|
|
if (auth.isLoading || auth.activeNavigator) {
|
|
return <div>Loading...</div>;
|
|
}
|
|
|
|
if (auth.error) {
|
|
return <div>Auth Error: {auth.error.message}</div>;
|
|
}
|
|
|
|
if (!auth.isAuthenticated) {
|
|
return <Navigate to="/login" replace />;
|
|
}
|
|
|
|
const normalizedRole = resolveProfileRole(
|
|
auth.user?.profile as Record<string, unknown> | undefined,
|
|
);
|
|
const isTenantMember =
|
|
normalizedRole === "user" || normalizedRole === "tenant_member";
|
|
|
|
if (isTenantMember) {
|
|
return (
|
|
<div className="min-h-screen grid place-items-center bg-background text-foreground p-6">
|
|
<div className="max-w-lg w-full rounded-xl border border-border bg-card p-6 space-y-4">
|
|
<h1 className="text-xl font-semibold">
|
|
{t("msg.dev.auth.access_denied_title", "접근 권한이 없습니다.")}
|
|
</h1>
|
|
<p className="text-sm text-muted-foreground">
|
|
{t(
|
|
"msg.dev.auth.access_denied_description",
|
|
"DevFront는 관리자 전용 화면입니다. 권한이 필요하면 관리자에게 요청해 주세요.",
|
|
)}
|
|
</p>
|
|
<button
|
|
type="button"
|
|
className="inline-flex items-center rounded-md bg-primary px-4 py-2 text-sm font-medium text-primary-foreground hover:opacity-90"
|
|
onClick={() => {
|
|
auth.removeUser();
|
|
window.location.href = "/login";
|
|
}}
|
|
>
|
|
{t("ui.common.back_to_login", "로그인으로 돌아가기")}
|
|
</button>
|
|
</div>
|
|
</div>
|
|
);
|
|
}
|
|
|
|
return <Outlet />;
|
|
}
|