29 lines
1.1 KiB
Markdown
29 lines
1.1 KiB
Markdown
---
|
|
# nuzlocke-tracker-2zwg
|
|
title: Protect frontend routes with ProtectedRoute and AdminRoute
|
|
status: todo
|
|
type: task
|
|
priority: normal
|
|
created_at: 2026-03-21T10:06:20Z
|
|
updated_at: 2026-03-21T10:06:24Z
|
|
parent: nuzlocke-tracker-ce4o
|
|
blocked_by:
|
|
- nuzlocke-tracker-5svj
|
|
---
|
|
|
|
Use the existing \`ProtectedRoute\` component (currently unused) and create an \`AdminRoute\` component to guard routes in \`App.tsx\`.
|
|
|
|
## Checklist
|
|
|
|
- [ ] Wrap \`/runs/new\` and \`/genlockes/new\` with \`ProtectedRoute\` (requires login)
|
|
- [ ] Create \`AdminRoute\` component that checks \`isAdmin\` from \`useAuth()\`, redirects to \`/\` with a toast/message if not admin
|
|
- [ ] Wrap all \`/admin/*\` routes with \`AdminRoute\`
|
|
- [ ] Ensure \`/runs\` and \`/runs/:runId\` remain accessible to everyone (public run viewing)
|
|
- [ ] Verify deep-linking works (e.g., visiting \`/admin/games\` while logged out redirects to login, then back to \`/admin/games\` after auth)
|
|
|
|
## Files to change
|
|
|
|
- \`frontend/src/App.tsx\` — wrap routes
|
|
- \`frontend/src/components/ProtectedRoute.tsx\` — already exists, verify it works
|
|
- \`frontend/src/components/AdminRoute.tsx\` — new file
|