Internal: Vue: Redirect to login form on PHP session expiration - refs BT#21825

assets/vue/router/index.js

@@ -21,6 +21,7 @@ import assignments from "./assignments"
 import links from "./links"
 import glossary from "./glossary"
 import { useSecurityStore } from "../store/securityStore"
+import securityService from "../services/securityService"
 import MyCourseList from "../views/user/courses/List.vue"
 import MySessionList from "../views/user/sessions/SessionsCurrent.vue"
 import MySessionListPast from "../views/user/sessions/SessionsPast.vue"
@@ -167,23 +168,21 @@ const router = createRouter({
   ],
 })
 
-router.beforeEach((to, from, next) => {
+router.beforeEach(async (to, from, next) => {
-  if (to.matched.some((record) => record.meta.requiresAuth)) {
+  if (to.matched.some(record => record.meta.requiresAuth)) {
-    const securityStore = useSecurityStore()
+    try {
-
+      const response = await securityService.checkSession()
-    //console.log('requiresAuth');
+      const isAuthenticated = response.isAuthenticated
-    // this route requires auth, check if logged in
+      if (isAuthenticated) {
-    // if it is not, redirect to login page.
-    if (securityStore.isAuthenticated) {
         next()
       } else {
-      next({
+        next({ name: 'Login', query: { redirect: to.fullPath } })
-        path: "/login",
+      }
-        query: { redirect: to.fullPath },
+    } catch (error) {
-      })
+      console.error('Error checking session:', error)
+      next({ name: 'Login', query: { redirect: to.fullPath } })
     }
   } else {
-    //console.log('next');
     next() // make sure to always call next()!
   }
 })

assets/vue/services/securityService.js

@@ -1,4 +1,4 @@
-import baseService from "./baseService"
+import baseService from "./baseService";
 
 /**
  * @param {string} login
@@ -11,9 +11,18 @@ async function login({ login, password, _remember_me }) {
     username: login,
     password,
     _remember_me,
-  })
+  });
+}
+
+/**
+ * Checks the status of the user's session.
+ * @returns {Promise<Object>}
+ */
+async function checkSession() {
+  return await baseService.get('/check-session')
 }
 
 export default {
   login,
+  checkSession,
 }

src/CoreBundle/Controller/SecurityController.php

@@ -115,4 +115,14 @@ class SecurityController extends AbstractController
 
         return new JsonResponse($data, Response::HTTP_OK, [], true);
     }
+
+    #[Route('/check-session', name: 'check_session', methods: ['GET'])]
+    public function checkSession(): JsonResponse
+    {
+        if ($this->authorizationChecker->isGranted('IS_AUTHENTICATED_FULLY')) {
+            return new JsonResponse(['isAuthenticated' => true]);
+        }
+
+        return new JsonResponse(['isAuthenticated' => false]);
+    }
 }