Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle unauthenticated request #775

Open
asacarter opened this issue Jul 8, 2024 · 3 comments
Open

Handle unauthenticated request #775

asacarter opened this issue Jul 8, 2024 · 3 comments

Comments

@asacarter
Copy link

The template does not have any configuration settings for the login route.

It automatically redirects to auth/login. I would like to specify my own route to an unauthenticated page or have it just return unauthenticated so I can handle my own logic if a user is not authenticated.

const { admin } = await authenticate.admin(request);
@paulomarg
Copy link
Contributor

Hey, thanks for raising this! Just to help me understand the problem better, could you please clarify:

  1. are you trying to create an unauthenticated endpoint?
  2. or are you trying to handle the "error" scenario of authenticate.admin differently?

If it's number 2, and you simply want to override the auth/login endpoint, it's in the template in app/routes/auth.login/route.tsx.

One option would be to skip the await login(request) calls in that file, which are what trigger the automatic redirection in the template. That page will by default show a login form if there is no shop parameter, or trigger a login if there is one.

Hope this helps!

@asacarter
Copy link
Author

Hi Paulo,

Thanks for the quick reply and it was also nice to meet you at Editions.

It's neither of those, it's that I would like to choose my own routes.

I'd like to do an auth check on the index route. If they are not logged in, redirect to a different login route other than auth/login. If the user is authenticated then continue in the same route rather than redirecting to app/.

In the index route, If I add the auth check to the loader I found that if not authenticated, it performs the redirect to auth/login automatically.

export const loader = async ({ request }) => {
  const { admin } = await authenticate.admin(request);
...
}

It would be great if I could pass in an additional parameter to authenticate.admin. Something like authenticate.admin(request, true) and have it return if authenticated or not instead of automatically redirecting.

Then I can create my own routes rather than being restricted to auth/login and app/.

It would also be useful for API endpoints, where you don't necessarily need a redirection.

@paulomarg
Copy link
Contributor

I see, I think that's a great point - so you basically want to be able to call the authentication but handle the failure cases yourself.

I like the idea, but it's worth pointing out that there are quite a few edge cases in that authentication that we need to be mindful of, so we'd need to do some thinking on it.

In any case, I'll bring it to the team and get back to you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@asacarter @paulomarg