fix: auth flow - logout nuclear, router redirige admin a panel, login sin bloqueo BD
This commit is contained in:
@ -147,12 +147,13 @@ const router = createRouter({
|
||||
})
|
||||
|
||||
router.beforeEach(async (to, _from, next) => {
|
||||
// Rutas públicas: siempre pasan sin verificación
|
||||
if (!to.meta.requiresAuth && !to.meta.role) {
|
||||
// Rutas completamente públicas (splash, login)
|
||||
const publicRoutes = ['/login', '/splash', '/']
|
||||
if (publicRoutes.includes(to.path)) {
|
||||
return next()
|
||||
}
|
||||
|
||||
// Leer sesión activa de Supabase (sustituye el viejo localStorage)
|
||||
// Leer sesión activa de Supabase
|
||||
const { data: { session } } = await supabase.auth.getSession()
|
||||
|
||||
// Ruta protegida sin sesión → redirige a login
|
||||
@ -160,8 +161,8 @@ router.beforeEach(async (to, _from, next) => {
|
||||
return next('/login')
|
||||
}
|
||||
|
||||
// Ruta con restricción de rol → verificar en la BD
|
||||
if (to.meta.role && session) {
|
||||
// Si hay sesión, obtener el rol real del usuario
|
||||
if (session) {
|
||||
const { data: profile } = await supabase
|
||||
.from('users')
|
||||
.select('role')
|
||||
@ -169,16 +170,25 @@ router.beforeEach(async (to, _from, next) => {
|
||||
.single()
|
||||
|
||||
const userRole = profile?.role?.toUpperCase() || 'PASSENGER'
|
||||
const allowedRoles = Array.isArray(to.meta.role)
|
||||
? (to.meta.role as string[]).map(r => r.toUpperCase())
|
||||
: [(to.meta.role as string).toUpperCase()]
|
||||
|
||||
if (!allowedRoles.includes(userRole)) {
|
||||
// Redirigir a la vista correcta según su rol real
|
||||
if (userRole === 'ADMIN') return next('/admin')
|
||||
else if (userRole === 'DRIVER') return next('/driver')
|
||||
else if (userRole === 'PROMOTER') return next('/promoter')
|
||||
else return next('/map')
|
||||
// Si el admin entra a rutas de pasajero → redirigir al panel admin
|
||||
const passengerRoutes = ['/map', '/schedule', '/discover', '/transport', '/favorites', '/profile', '/coupons']
|
||||
if (userRole === 'ADMIN' && passengerRoutes.some(r => to.path.startsWith(r))) {
|
||||
return next('/admin')
|
||||
}
|
||||
|
||||
// Ruta con restricción de rol → verificar permiso
|
||||
if (to.meta.role) {
|
||||
const allowedRoles = Array.isArray(to.meta.role)
|
||||
? (to.meta.role as string[]).map(r => r.toUpperCase())
|
||||
: [(to.meta.role as string).toUpperCase()]
|
||||
|
||||
if (!allowedRoles.includes(userRole)) {
|
||||
if (userRole === 'ADMIN') return next('/admin')
|
||||
else if (userRole === 'DRIVER') return next('/driver')
|
||||
else if (userRole === 'PROMOTER') return next('/promoter')
|
||||
else return next('/map')
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user