Jennie Robinson Faber
79d3ba0f78
Add JWT-verified session check to coming-soon middleware so logged-in members can access the full site. Add member login link and modal to the coming-soon page so members can sign in before launch.
37 lines
1.1 KiB
JavaScript
37 lines
1.1 KiB
JavaScript
export default defineNuxtRouteMiddleware(async (to, from) => {
|
|
const config = useRuntimeConfig();
|
|
const isComingSoonMode =
|
|
config.public.comingSoon === "true" || config.public.comingSoon === true;
|
|
|
|
// Only enforce coming soon mode if enabled
|
|
if (!isComingSoonMode) {
|
|
return;
|
|
}
|
|
|
|
// Allow access to the coming-soon page and OIDC login
|
|
if (to.path === "/coming-soon" || to.path === "/auth/wiki-login") {
|
|
return;
|
|
}
|
|
|
|
// Allow authenticated users to bypass coming-soon
|
|
const authToken = useCookie("auth-token");
|
|
if (authToken.value) {
|
|
// On the server, verify the JWT is actually valid
|
|
if (import.meta.server) {
|
|
try {
|
|
const { jwtSecret } = useRuntimeConfig();
|
|
const jwt = await import("jsonwebtoken").then((m) => m.default);
|
|
jwt.verify(authToken.value, jwtSecret);
|
|
return;
|
|
} catch {
|
|
// Invalid/expired token — fall through to coming-soon redirect
|
|
}
|
|
} else {
|
|
// Client-side: trust the cookie (SSR already validated on initial load)
|
|
return;
|
|
}
|
|
}
|
|
|
|
// Redirect all other routes to coming-soon
|
|
return navigateTo("/coming-soon");
|
|
});
|