Implemented actual authentication guards, began implementing main login user flows

ui/src/router/index.js

@@ -1,45 +1,67 @@
+import { useUserStore } from '@/stores/user'
 import { createRouter, createWebHistory } from 'vue-router'
 
 const router = createRouter({
   history: createWebHistory(import.meta.env.BASE_URL),
   routes: [
-    { path: '/applications', component: () => import('@/pages/ManageApplications.vue') },
-    { path: '/applications/:id', component: () => import('@/pages/Application.vue') },
-    { path: '/rankChange', component: () => import('@/pages/RankChange.vue') },
-    { path: '/members', component: () => import('@/pages/memberList.vue') },
-    { path: '/loa', component: () => import('@/pages/SubmitLOA.vue') },
-    { path: '/transfer', component: () => import('@/pages/Transfer.vue') },
-    { path: '/calendar', component: () => import('@/pages/Calendar.vue') },
+    // PUBLIC
+    { path: '/join', component: () => import('@/pages/Join.vue') },
+
+    // AUTH REQUIRED
+    { path: '/apply', component: () => import('@/pages/Application.vue'), meta: { requiresAuth: true } },
+
+    // MEMBER ROUTES
+    { path: '/members', component: () => import('@/pages/memberList.vue'), meta: { requiresAuth: true, memberOnly: true } },
+    { path: '/loa', component: () => import('@/pages/SubmitLOA.vue'), meta: { requiresAuth: true, memberOnly: true } },
+    { path: '/transfer', component: () => import('@/pages/Transfer.vue'), meta: { requiresAuth: true, memberOnly: true } },
+    { path: '/calendar', component: () => import('@/pages/Calendar.vue'), meta: { requiresAuth: true, memberOnly: true } },
+
+    // ADMIN / STAFF ROUTES
     {
       path: '/administration',
+      meta: { requiresAuth: true, memberOnly: true, roles: ['staff', 'admin'] },
       children: [
-        {
-          path: 'applications',
-          component: () => import('@/pages/ManageApplications.vue')
-        },
-        {
-          path: 'rankChange',
-          component: () => import('@/pages/RankChange.vue')
-        },
-        {
-          path: 'applications/:id',
-          component: () => import('@/pages/Application.vue')
-        },
-        {
-          path: 'transfer',
-          component: () => import('@/pages/ManageTransfers.vue')
-        },
-        {
-          path: 'loa',
-          component: () => import('@/pages/ManageLOA.vue')
-        },
-        {
-          path: 'roles',
-          component: () => import('@/pages/ManageRoles.vue')
-        }
+        { path: 'applications', component: () => import('@/pages/ManageApplications.vue') },
+        { path: 'rankChange', component: () => import('@/pages/RankChange.vue') },
+        { path: 'applications/:id', component: () => import('@/pages/Application.vue') },
+        { path: 'transfer', component: () => import('@/pages/ManageTransfers.vue') },
+        { path: 'loa', component: () => import('@/pages/ManageLOA.vue') },
+        { path: 'roles', component: () => import('@/pages/ManageRoles.vue') }
       ]
-    }
+    },
+
+    // UNAUTHORIZED PAGE
+    { path: '/unauthorized', component: () => import('@/pages/Unauthorized.vue') }
   ]
 })
 
-export default router
+router.beforeEach(async (to) => {
+  const userStore = useUserStore()
+
+  // Make sure user state is loaded before checking
+  if (!userStore.loaded) {
+    console.log('loaduser')
+    await userStore.loadUser();
+  }
+
+  // Not logged in
+  if (to.meta.requiresAuth && !userStore.isLoggedIn) {
+    // Redirect back to original page after login
+    const redirectUrl = encodeURIComponent(window.location.origin + to.fullPath)
+    window.location.href = `https://aj17thdevapi.nexuszone.net/login?redirect=${redirectUrl}`
+    return false // Prevent Vue Router from continuing
+  }
+
+
+  // // Must be a member
+  // if (to.meta.memberOnly && userStore.status !== 'member') {
+  //   return '/unauthorized'
+  // }
+
+  // // Must have specific role
+  // if (to.meta.roles && !to.meta.roles.includes(userStore.role)) {
+  //   return '/unauthorized'
+  // }
+})
+
+export default router;