Restricting auth required actions for guest users on HapRamp Alpha Web App
Repository
https://github.com/hapramp/alpha-web
Bug Description
The HapRamp alpha web app allows users to browse the app as a guest (i.e. without signing in). This is a good thing for people who just come in to read some content and walk away. But it may be possible that these guest users try to rate/comment on the app.
Previously, there was no check for auth status and hence the actions were not restricted. In this post, I will be describing the way in which I handled this case without having to change a significant part of the code.
Solution
To achieve this, I created an intermediate wrapper for the actions which would check the login status of current user and dispatch accordingly. It worked using the following logic -
- Is the user logged in while performing the action?
- Yes
Let him perform the action - No
Toast a UI notification asking them to log in.
- Yes
The function looks something like this -
import notify from './notification'; // For creating UI notifications
import getStore from './storeUtils'; // For getting store state
const notAuthorizedError = () => dispatch => {
notify.danger('Please log in first!');
return Promise.reject();
};
export const authRequired = target => getStore().getState().login.isLoggedIn ? target : notAuthorizedError;
All the actions that required auth from user were then wrapped with this function to achieve the desired results. Here is an example -
export const ratePost = authRequired((author, permlink, vote) => dispatch => {
... // Implementation of actual action
});
Commits
- https://github.com/hapramp/alpha-web/commit/55c43f973ed6b48126d298fcd5470aef880ea57d
- https://github.com/hapramp/alpha-web/commit/83c08b2f09954e7f665305b8dac4297df479f579
- https://github.com/hapramp/alpha-web/commit/72e2ee624fa55e4e0d613c2d0c9b3aed8b4b7073
PS: We just went open source and are looking for helping hands. If you are interested, please visit https://github.com/hapramp/alpha-web.
Hi @singhpratyush, thanks for the contribution. It would be best to include more work per contribution as that will exponentially increase your chances of also getting rewarded for it. Also, please keep the following guideline in mind for future contributions
Need help? Write a ticket on https://support.utopian.io/.
Chat with us on Discord.
[utopian-moderator]
Thanks for your time @amosbastian. I'll keep that in mind.