Initial commit

middleware/auth.js

@@ -0,0 +1,30 @@
+import auth from '~/utils/auth';
+
+// do not add trailing slashes to the excluded paths.
+const excludedPaths = ['', '/authorize', '/logout'];
+
+// This function is not SSR-compatible, and works since our code currently only runs on the client.
+export default function ({ isHMR, route }) {
+  // If middleware is called from hot module replacement, ignore it
+  if (isHMR) {
+    return;
+  }
+
+  // support both trailing slash and non-trailing slash so it works the same
+  // when hosted from s3 and not.
+  let path = route.path;
+  if (path.endsWith('/')) {
+    path = path.slice(0, -1);
+  }
+
+  if (!excludedPaths.includes(path)) {
+    if (auth.isExpired()) {
+      // if the auth has just expired - try to log in silently.
+      auth.triggerSilentLogin({ returnUrl: route.fullPath });
+    }
+    else if (!auth.isAuthenticated()) {
+      // otherwise, if the user is not authenticated, trigger a full login.
+      auth.triggerLogin({ returnUrl: route.fullPath });
+    }
+  }
+}