import { authenticateUser } from "$lib/auth"
import { redirect, type Handle } from "@sveltejs/kit"
/**
 * Path prefixes that require an authenticated user (enforced in `handle`).
 *
 * Matching is by case-insensitive prefix, so every sub-path of these
 * entries is covered as well. "/admin" additionally requires `user.admin`.
 */
const protectedroutes: readonly string[] = [
  "/home",
  "/catalog",
  "/develop",
  "/users",
  "/avatar",
  "/settings",
  "/admin",
]
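/**
 * Percent-decodes a URL pathname for route-guard comparison.
 *
 * SvelteKit matches routes against the decoded pathname, while
 * `event.url.pathname` keeps its percent-escapes, so a guard that compares
 * the raw value can be sidestepped with an encoded prefix (e.g. `/%61dmin`
 * is routed to `/admin` but does not start with "/admin" as a raw string).
 * A malformed escape sequence is returned unchanged rather than thrown: it
 * cannot match a route, and the guard only needs a string to compare.
 *
 * @param pathname raw `URL.pathname`
 * @returns the decoded pathname, or the input unchanged if decoding fails
 */
function decodePathname(pathname: string): string {
  try {
    return decodeURIComponent(pathname)
  } catch {
    return pathname
  }
}

/**
 * SvelteKit server hook.
 *
 * Stage 1 authenticates the request and populates `event.locals` (user, raw
 * `jwt` cookie value, user-agent). Access control then runs for the protected
 * and admin prefixes, redirecting with 303 to `/` (or `/moderated`) when the
 * caller is not allowed through. Stage 2 resolves the request and Stage 3
 * appends a Content-Security-Policy to the response.
 *
 * The CSP only restricts `img-src`; with no `default-src`, every other
 * directive (scripts, styles, connect, frames) remains unrestricted. Add
 * directives here deliberately rather than relying on this header for
 * script/XSS containment.
 */
export const handle: Handle = async ({ event, resolve }) => {
  // Stage 1
  event.locals.user = await authenticateUser(event)
  event.locals.jwt = event.cookies.get("jwt") ?? ""
  event.locals.useragent = event.request.headers.get("user-agent")

  // Compare on the decoded, lower-cased path so encoded or mixed-case
  // variants cannot slip past the prefix checks below. Prefix matching
  // deliberately over-matches (e.g. "/homepage" is treated as "/home");
  // `event.route.id` would be the stricter anchor if the route tree is known.
  const pathname = decodePathname(event.url.pathname).toLowerCase()
  const isProtected = protectedroutes.some(prefix =>
    pathname.startsWith(prefix.toLowerCase()),
  )

  if (isProtected) {
    if (!event.locals.user) {
      throw redirect(303, "/")
    }

    // Users under moderation are confined to /moderated. Fail closed: a
    // moderation record with a missing status is treated as not "OK"
    // (the previous `status.toUpperCase()` threw a TypeError on that input).
    // The page comparison uses "/moderated" — pathnames always carry the
    // leading slash, so the earlier `!= "moderated"` could never be equal.
    const moderation = event.locals.user.moderationstatus
    if (moderation) {
      const status = moderation.status?.toUpperCase()
      if (status !== "OK" && pathname !== "/moderated") {
        throw redirect(303, "/moderated")
      }
    }
  }

  if (pathname.startsWith("/admin")) {
    // admin route
    if (!event.locals.user) {
      throw redirect(303, "/")
    }
    // Require an explicit `admin: true`. The previous `admin === false`
    // check let through any user whose `admin` field was missing or
    // undefined — a privilege-escalation hole if the auth layer ever
    // omits the field.
    if (event.locals.user.admin !== true) {
      throw redirect(303, "/")
    }
  }

  const response = await resolve(event) // Stage 2

  // Stage 3
  // NOTE(review): behind a TLS-terminating proxy `event.url.protocol` is
  // only "https:" if the adapter is configured to trust the forwarded
  // protocol header (e.g. PROTOCOL_HEADER / ORIGIN for adapter-node);
  // otherwise the https branch never runs in production — confirm deployment.
  // `append` keeps any CSP SvelteKit already emitted; browsers enforce the
  // intersection of multiple policies, so this can only tighten, never loosen.
  const csp =
    event.url.protocol === "https:"
      ? "img-src 'self' data: wsrv.nl images.weserv.nl;upgrade-insecure-requests;"
      : "img-src 'self' data: wsrv.nl images.weserv.nl;"
  response.headers.append("Content-Security-Policy", csp)

  return response
}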