marcel/mealprep
1
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): preserve redirect URL when redirecting to /login

Browse Source 
Appends ?redirect= with the original pathname so the login page
can redirect back after successful authentication.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marcel Raddatz
2026-04-02 13:56:49 +02:00
parent cc74c0042a
commit 92c7d8f92e
2 changed files with 12 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
frontend/src/hooks.server.test.ts
View File

@@ -57,15 +57,14 @@ describe('auth guard (hooks.server.ts handle)', () => {
} }
); );
it('redirects unauthenticated requests on protected routes', async () => { it('redirects unauthenticated requests to /login with redirect param', async () => {
const { event, resolve } = createEvent('/planner'); const { event, resolve } = createEvent('/recipes/abc');
try { try {
await handle({ event, resolve }); await handle({ event, resolve });
// If using SvelteKit redirect, it throws
expect.unreachable(); expect.unreachable();
} catch (e: any) { } catch (e: any) {
expect(e.status).toBe(302); expect(e.status).toBe(302);
expect(e.location).toBe('/login'); expect(e.location).toBe('/login?redirect=%2Frecipes%2Fabc');
} }
}); });
@@ -99,7 +98,7 @@ describe('auth guard (hooks.server.ts handle)', () => {
expect(resolve).toHaveBeenCalledWith(event); expect(resolve).toHaveBeenCalledWith(event);
}); });
it('redirects to /login when session validation fails', async () => { it('redirects to /login with redirect param when session validation fails', async () => {
mockGet.mockResolvedValue({ data: undefined, error: { status: 401 } }); mockGet.mockResolvedValue({ data: undefined, error: { status: 401 } });
const { event, resolve } = createEvent('/planner', 'bad-session'); const { event, resolve } = createEvent('/planner', 'bad-session');
@@ -108,7 +107,7 @@ describe('auth guard (hooks.server.ts handle)', () => {
expect.unreachable(); expect.unreachable();
} catch (e: any) { } catch (e: any) {
expect(e.status).toBe(302); expect(e.status).toBe(302);
expect(e.location).toBe('/login'); expect(e.location).toBe('/login?redirect=%2Fplanner');
} }
}); });
}); });

9
frontend/src/hooks.server.ts
View File

@@ -13,6 +13,11 @@ function isPublicRoute(pathname: string): boolean {
return PUBLIC_ROUTES.some((route) => pathname === route || pathname.startsWith(route + '/')); return PUBLIC_ROUTES.some((route) => pathname === route || pathname.startsWith(route + '/'));
} }
function loginRedirect(pathname: string): never {
const target = '/login?redirect=' + encodeURIComponent(pathname);
redirect(302, target);
}
export const handle: Handle = async ({ event, resolve }) => { export const handle: Handle = async ({ event, resolve }) => {
if (isPublicRoute(event.url.pathname)) { if (isPublicRoute(event.url.pathname)) {
return resolve(event); return resolve(event);
@@ -20,14 +25,14 @@ export const handle: Handle = async ({ event, resolve }) => {
const sessionCookie = event.cookies.get('session'); const sessionCookie = event.cookies.get('session');
if (!sessionCookie) { if (!sessionCookie) {
redirect(302, '/login'); loginRedirect(event.url.pathname);
} }
const api = apiClient(event.fetch); const api = apiClient(event.fetch);
const { data, error } = await api.GET('/v1/auth/me'); const { data, error } = await api.GET('/v1/auth/me');
if (error || !data?.data) { if (error || !data?.data) {
redirect(302, '/login'); loginRedirect(event.url.pathname);
} }
const user = data.data; const user = data.data;