feat: require login for protected nav links

ralyodio · ralyodio · commit 92a8c4703750 · 2026-03-05T19:20:11.000Z
- Reputation, Pricing, x402, Dashboard, Invoices, Escrow redirect to /login?redirect=&lt;page&gt;
- Wallet (/web-wallet) and API Docs (/docs) remain public
- Home (/) remains public
- Login page reads ?redirect param and sends user there after login
diff --git a/src/app/login/LoginForm.tsx b/src/app/login/LoginForm.tsx
@@ -2,10 +2,12 @@
 
 import { useState } from 'react';
 import Link from 'next/link';
-import { useRouter } from 'next/navigation';
+import { useRouter, useSearchParams } from 'next/navigation';
 
 export default function LoginForm() {
   const router = useRouter();
+  const searchParams = useSearchParams();
+  const redirectTo = searchParams.get('redirect');
   const [formData, setFormData] = useState({
     email: '',
     password: '',
@@ -43,8 +45,10 @@ export default function LoginForm() {
         localStorage.setItem('auth_token', data.token);
       }
 
-      // Redirect based on admin status
-      if (data.merchant?.is_admin) {
+      // Redirect based on admin status or redirect param
+      if (redirectTo) {
+        router.push(redirectTo);
+      } else if (data.merchant?.is_admin) {
         router.push('/admin');
       } else {
         router.push('/dashboard');
diff --git a/src/components/Header.tsx b/src/components/Header.tsx
@@ -47,6 +47,8 @@ export default function Header() {
     router.push('/');
   };
 
+  const PUBLIC_ROUTES = new Set(['/', '/web-wallet', '/docs']);
+
   const navigation = [
     { name: 'Home', href: '/' },
     { name: 'Wallet', href: '/web-wallet' },
@@ -68,6 +70,11 @@ export default function Header() {
 
   const currentNav = isLoggedIn ? loggedInNavigation : navigation;
 
+  const getNavHref = (href: string) => {
+    if (isLoggedIn || PUBLIC_ROUTES.has(href)) return href;
+    return `/login?redirect=${encodeURIComponent(href)}`;
+  };
+
   return (
     <header className="bg-gray-900 border-b border-gray-800 sticky top-0 z-50">
       <nav className="mx-auto max-w-7xl px-4 sm:px-6 lg:px-8" aria-label="Top">
@@ -86,7 +93,7 @@ export default function Header() {
             {currentNav.map((item) => (
               <Link
                 key={item.name}
-                href={item.href}
+                href={getNavHref(item.href)}
                 className="text-sm font-medium text-gray-300 hover:text-white transition-colors"
               >
                 {item.name}
@@ -219,7 +226,7 @@ export default function Header() {
               {currentNav.map((item) => (
                 <Link
                   key={item.name}
-                  href={item.href}
+                  href={getNavHref(item.href)}
                   className="block px-3 py-2 text-base font-medium text-gray-300 hover:bg-gray-800 hover:text-white rounded-md transition-colors"
                   onClick={() => setMobileMenuOpen(false)}
                 >
