authRoutes function

void authRoutes(
  1. Router router
)

Registers Archery's built-in authentication routes onto the provided router.

Routes include:

  • GET /login (guest-only)
  • POST /login
  • GET /register (guest-only)
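  • POST /register
  • GET /logout
  • GET routes for the profile and dashboard pages under the /user prefix (behind Auth.middleware)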

These routes assume the bundled auth views exist (e.g. auth.login, auth.register) and that the User model is available for persistence.

Implementation

/// Wires the bundled authentication endpoints into [router].
///
/// Registered, in this order: `GET /login` and `GET /register` (both behind
/// `Guest.middleware`), `POST /register`, `POST /login`, `GET /logout`, and a
/// `/user` group behind `Auth.middleware` that serves the profile and
/// dashboard views.
///
/// Review notes:
///  * The two POST handlers and `/logout` are registered here without any
///    route-level middleware. No CSRF check or attempt throttling is visible
///    in this function; confirm whether the router or `request.form()`
///    provides them.
///  * Every failure path answers with `redirectBack()`, and exceptions are
///    swallowed without logging, so rejected or failing attempts leave no
///    trace from this function.
void authRoutes(Router router) {
  router.group(
    routes: () {
      router.get(
        '/login',
        middleware: [Guest.middleware],
        (request) async => request.view("auth.login"),
      );

      router.get(
        '/register',
        middleware: [Guest.middleware],
        (request) async => request.view("auth.register"),
      );

      router.post('/register', (request) async {
        try {
          final fields = request.form();
          final name = await fields.input('name');
          final email = await fields.input('email');
          final password = await fields.input('password');

          // TODO: form.validate(field as [.email, .phone, .name, .]) or a
          // FormValidator.validate(). Option 1 is the easier one to prototype:
          // add a method on FormRequest; avoid extending Request and use the
          // buffered content and _request in FormRequest.
          //
          // Until then only presence is checked: there is no format, length
          // or password-strength validation on these fields.
          if (name == null || name.toString().isEmpty) {
            return request.redirectBack();
          }
          if (email == null || email.toString().isEmpty) {
            return request.redirectBack();
          }
          if (password == null || password.toString().isEmpty) {
            return request.redirectBack();
          }

          // An already-registered e-mail gets the same redirect as any other
          // failure, so the response does not reveal the reason.
          final existing = await Model.firstWhere<User>(
            field: "email",
            value: email,
          );
          if (existing != null) return request.redirectBack();

          // NOTE(review): the password is handed to User exactly as received.
          // Hashing is not visible here; confirm the model hashes it before
          // it is persisted.
          await User(name: name, email: email, password: password).save();

          return request.redirectToLogin();
        } catch (_) {
          // Any error (including a failed save) is turned into a redirect and
          // is not logged.
          return request.redirectBack();
        }
      });

      router.post('/login', (request) async {
        try {
          final fields = request.form();
          final email = await fields.input('email');
          final password = await fields.input('password');

          if (email == null || email.toString().isEmpty) {
            return request.redirectBack();
          }
          if (password == null || password.toString().isEmpty) {
            return request.redirectBack();
          }

          // Bad credentials and internal errors are indistinguishable to the
          // client: both redirect back.
          final authenticated = await Auth.login(
            email: email,
            password: password,
          );
          if (!authenticated) return request.redirectBack();

          // A new cookie value is generated on every successful login.
          // NOTE(review): presumably App.generateKey() returns an
          // unpredictable token; confirm it is backed by a CSPRNG.
          final sessionCookie = Cookie('archery_session', App.generateKey());
          sessionCookie.httpOnly = true; // not readable from page scripts
          sessionCookie.secure = true; // only over HTTPS
          sessionCookie.sameSite = SameSite.lax;

          final tracked = App().container.tryMake<List<AuthSession>>();

          // The cookie is attached only when a tracked session for this
          // e-mail exists; otherwise the dashboard redirect is sent without
          // one. Presumably Auth.login registers that session; verify.
          final owned = tracked?.firstWhereOrNull(
            (entry) => entry.email == email,
          );
          if (owned != null) {
            owned.cookie = sessionCookie;
            request.response.cookies.add(sessionCookie);
          }
          return request.redirectToDashboard();
        } catch (_) {
          return request.redirectBack();
        }
      });

      // NOTE(review): logout is a state-changing GET registered without
      // middleware. The session cookie is SameSite=Lax, which browsers still
      // send on top-level cross-site GET navigation, so consider POST plus a
      // CSRF token for this route.
      router.get('/logout', (request) async {
        await Auth.logout(request);
        return request.redirectHome();
      });

      // Everything under /user goes through Auth.middleware.
      router.group(
        prefix: "/user",
        middleware: [Auth.middleware],
        routes: () {
          // Grouped so profile and dashboard CRUD routes can be added later.
          router.group(
            prefix: "/profile",
            routes: () {
              router.get(
                "/",
                (request) async => request.view("auth.user.profile"),
              );
            },
          );

          router.group(
            prefix: "/dashboard",
            routes: () {
              router.get(
                "/",
                (request) async => request.view("auth.user.dashboard"),
              );
            },
          );
        },
      );
    },
  );
}