jeffemmett
/
rspace-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(auth): redirect logged-out visitors from private spaces to module landing 

Non-demo space dashboards now redirect logged-out visitors to
rspace.online/ instead of showing another user's rApp grid. Private
space module pages redirect to rspace.online/{moduleId} instead of
showing the sign-in gate overlay.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jeff Emmett 2026-03-24 11:39:39 -07:00
parent fdf4db2050
commit 724c0e16ba
2 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
server/landing.ts
View File

@ -340,15 +340,20 @@ export function renderSpaceDashboard(space: string, modules: ModuleInfo[]): stri
document.querySelector('rstack-app-switcher')?.setModules(${moduleListJSON}); document.querySelector('rstack-app-switcher')?.setModules(${moduleListJSON});
// Logged-in users: redirect to rSpace canvas instead of showing the grid // Logged-in users: redirect to rSpace canvas instead of showing the grid
// Non-demo spaces: redirect logged-out visitors to the main domain landing
try { try {
var raw = localStorage.getItem('encryptid_session'); var raw = localStorage.getItem('encryptid_session');
if (raw) { var loggedIn = raw && JSON.parse(raw)?.accessToken;
var session = JSON.parse(raw); if (loggedIn) {
if (session?.accessToken) { var dest = window.__rspaceNavUrl
var dest = window.__rspaceNavUrl ? window.__rspaceNavUrl('${escapeAttr(space)}', 'rspace')
? window.__rspaceNavUrl('${escapeAttr(space)}', 'rspace') : '/${escapeAttr(space)}/rspace';
: '/${escapeAttr(space)}/rspace'; window.location.replace(dest);
window.location.replace(dest); } else if ('${escapeAttr(space)}' !== 'demo') {
// Don't show other users' space dashboards to logged-out visitors
var host = window.location.host.split(':')[0];
if (host.endsWith('.rspace.online') || host === 'rspace.online') {
window.location.replace('https://rspace.online/');
} }
} }
} catch(e) {} } catch(e) {}

8
server/shell.ts
View File

@ -636,8 +636,14 @@ export function renderShell(opts: ShellOptions): string {
return; return;
} }
// Private spaces: need session + membership check // Private spaces: redirect logged-out visitors to the module landing page
if (!hasToken) { if (!hasToken) {
var host = window.location.host.split(':')[0];
if (host.endsWith('.rspace.online') || host === 'rspace.online') {
var modId = document.body.getAttribute('data-module-id') || 'rspace';
window.location.replace('https://rspace.online/' + modId);
return;
}
showGate('sign-in'); showGate('sign-in');
return; return;
} }