diff --git a/packages/frontend-2/middleware/requireValidSsoSession.ts b/packages/frontend-2/middleware/requireValidSsoSession.ts new file mode 100644 index 0000000000..f0d1371c18 --- /dev/null +++ b/packages/frontend-2/middleware/requireValidSsoSession.ts @@ -0,0 +1,24 @@ +import { until } from '@vueuse/core' +import { workspaceRoute, settingsWorkspaceRoutes } from '~/lib/common/helpers/route' +import { useWorkspaceSsoStatus } from '~/lib/workspaces/composables/sso' + +/** + * Validate that a user has an active SSO session for the workspace + */ +export default defineNuxtRouteMiddleware(async (to) => { + // General settings can always bed accessed + if (to.name === settingsWorkspaceRoutes.general.name) { + return + } + + const workspaceSlug = computed(() => to.params.slug as string) + if (!workspaceSlug.value) return + + const { needsSsoLogin, loading } = useWorkspaceSsoStatus({ workspaceSlug }) + + await until(loading).toBe(false) + + if (needsSsoLogin.value) { + return navigateTo(workspaceRoute(workspaceSlug.value)) + } +}) diff --git a/packages/frontend-2/nuxt.config.ts b/packages/frontend-2/nuxt.config.ts index e2712a80a7..9c45169965 100644 --- a/packages/frontend-2/nuxt.config.ts +++ b/packages/frontend-2/nuxt.config.ts @@ -226,7 +226,8 @@ export default defineNuxtConfig({ 'auth', 'settings', 'requires-workspaces-enabled', - 'require-valid-workspace' + 'require-valid-workspace', + 'require-valid-sso-session' ] }, '/downloads': {