fix(auth): detect banned/deleted user on page load via InitializeAsync
- LoginService.InitializeAsync: after fetching LoggedUser, check IsBanned and DeletedAt. If banned/disabled, set ForceLogoutReason, call Logout to clear state, and return false - App.razor: after InitializeAsync completes, check ForceLogoutReason and navigate to /login if set. This handles the timing issue where MainLayout isnt created yet when the event fires on page load Refs #45
This commit is contained in:
@@ -1,4 +1,5 @@
|
||||
@inject LoginService loginService
|
||||
@inject NavigationManager NavigationManager
|
||||
|
||||
@if (_initialized) {
|
||||
<Router AppAssembly="typeof(Program).Assembly">
|
||||
@@ -20,5 +21,8 @@
|
||||
protected override async Task OnInitializedAsync() {
|
||||
await loginService.InitializeAsync();
|
||||
_initialized = true;
|
||||
|
||||
if (loginService.ForceLogoutReason != null)
|
||||
NavigationManager.NavigateTo("/login", true);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -112,6 +112,19 @@ public sealed class LoginService : ServiceBase {
|
||||
|
||||
AuthInfo = auth;
|
||||
LoggedUser = await FetchLoggedUserAsync();
|
||||
|
||||
if (LoggedUser is { IsBanned: true }) {
|
||||
ForceLogoutReason = "User is banned";
|
||||
await Logout();
|
||||
return false;
|
||||
}
|
||||
|
||||
if (LoggedUser is { DeletedAt: not null }) {
|
||||
ForceLogoutReason = "User is disabled";
|
||||
await Logout();
|
||||
return false;
|
||||
}
|
||||
|
||||
return IsLoggedIn;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user