Skip to content

Add guestGuard to protect login route#9

Merged
Pho3niX90 merged 1 commit intomasterfrom
feature/auth-improvement
Dec 25, 2025
Merged

Add guestGuard to protect login route#9
Pho3niX90 merged 1 commit intomasterfrom
feature/auth-improvement

Conversation

@Pho3niX90
Copy link
Owner

@Pho3niX90 Pho3niX90 commented Dec 25, 2025
edited
Loading

User description

  • Introduced guestGuard to restrict access to the login page for authenticated users.
  • Updated app.routes.ts to apply guestGuard to the login route.

PR Type

Enhancement

Description

  • Introduce guestGuard to block authenticated users

  • Apply guard on /login route using canActivate

Diagram Walkthrough

flowchart LR
  A["Login Route"] -- "canActivate guestGuard" --> B{"Authenticated?"}
  B -- "true" --> C["Redirect to Home"]
  B -- "false" --> D["Render Login"]
Loading

File Walkthrough
Relevant files
Configuration changes
app.routes.ts
Apply guestGuard to login route                                                   

frontend/src/app/app.routes.ts

  • Import guestGuard from guest.guard.ts
  • Add canActivate: [guestGuard] to login route
  • Minor formatting adjustments
 +8/-6     
Enhancement
guest.guard.ts
Implement guestGuard logic                                                             

frontend/src/app/guest.guard.ts

  • Create guestGuard function file
  • Inject AuthService and Router dependencies
  • Redirect authenticated users to home
  • Allow access for unauthenticated users
 +14/-0   

@Pho3niX90
Add guestGuard to secure login route for unauthenticated users
93320f5 
- Introduced `guestGuard` to restrict access to the login page for authenticated users.
- Updated `app.routes.ts` to apply `guestGuard` to the login route.
@Pho3niX90 Pho3niX90 added the enhancement New feature or request label Dec 25, 2025
@Pho3niX90 Pho3niX90 changed the title Add guestGuard to secure login route for unauthenticated users Add guestGuard to protect login route Dec 25, 2025
@Pho3niX90
Copy link
Owner Author

Pho3niX90 commented Dec 25, 2025

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 No security concerns identified
⚡ Recommended focus areas for review

Async Handling

Ensure isAuthenticated() returns a synchronous boolean. If it returns an Observable or Promise, the guard should await or convert it to a boolean result (e.g. with firstValueFrom or map).

 
if (authService.isAuthenticated()) {
  return router.createUrlTree(['/']);
}

return true;
Wildcard Route

Confirm the wildcard route includes pathMatch: 'full' to prevent unintended prefix matches or redirect loops.

 
{path: '**', redirectTo: ''}

@Pho3niX90
Copy link
Owner Author

Pho3niX90 commented Dec 25, 2025

PR Code Suggestions ✨

Explore these optional code suggestions:

CategorySuggestion                                                                                                                                    Impact
Security
Add authentication guard

Protect the root route by adding authGuard to prevent unauthenticated users from
accessing protected pages. This ensures that only logged-in users can load the
layout and its child routes.

frontend/src/app/app.routes.ts [13-15]

 {
   path: '',
   component: Layout,
+  canActivate: [authGuard],
   children: [...]
 }
Suggestion importance[1-10]: 9

__

Why: Adding authGuard to the root Layout route ensures that only authenticated users can access all child routes, significantly improving security.

High

@Pho3niX90 Pho3niX90 merged commit db5bb37 into master Dec 25, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

enhancement New feature or request Review effort 2/5

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Pho3niX90