Coupon Carl
cfda1b544d
Replace hand-rolled JWT auth with Better-Auth session-based authentication. - Scaffold auth/ Node.js service with Better-Auth, bcrypt password compat, Postgres adapter mapped to existing users table - Add Alembic migration (002) creating sessions, accounts, verifications tables and migrating password hashes to accounts table - Update FastAPI auth dependency to validate sessions via shared DB (supports both cookie and Bearer token) - Remove registration/login/refresh endpoints from API gateway (now handled by Better-Auth service) - Update frontend to use better-auth/react client with httpOnly cookies (no tokens in localStorage or memory) - Rewrite auth store, Login, Register, Dashboard, Settings, ProtectedRoute to use session-based auth - Update all tests to create sessions directly in DB instead of JWT tokens Resolves CAR-27 See plan: CAR-26#document-plan Co-Authored-By: Paperclip <noreply@paperclip.ing>
28 lines
765 B
TypeScript
28 lines
765 B
TypeScript
import { useEffect } from 'react'
|
|
import { Navigate, Outlet } from 'react-router-dom'
|
|
import { authClient } from '../lib/auth-client.ts'
|
|
import { useAuthStore } from '../stores/auth.ts'
|
|
|
|
export function ProtectedRoute() {
|
|
const { data: session, isPending } = authClient.useSession()
|
|
const setAuthenticated = useAuthStore((s) => s.setAuthenticated)
|
|
|
|
useEffect(() => {
|
|
setAuthenticated(!!session)
|
|
}, [session, setAuthenticated])
|
|
|
|
if (isPending) {
|
|
return (
|
|
<div className="flex min-h-screen items-center justify-center">
|
|
<div className="h-8 w-8 animate-spin rounded-full border-2 border-brand-blue border-t-transparent" />
|
|
</div>
|
|
)
|
|
}
|
|
|
|
if (!session) {
|
|
return <Navigate to="/login" replace />
|
|
}
|
|
|
|
return <Outlet />
|
|
}
|