Skip to content

Fix authguard#1695

Merged
lyubov-voloshko merged 2 commits into
mainfrom
fix-authguard
Apr 1, 2026
Merged

Fix authguard#1695
lyubov-voloshko merged 2 commits into
mainfrom
fix-authguard

Conversation

@lyubov-voloshko

@lyubov-voloshko lyubov-voloshko commented Apr 1, 2026

Copy link
Copy Markdown
Collaborator

Summary by CodeRabbit

  • New Features

    • Added a guard to automatically redirect authenticated users away from login and registration pages.
  • Chores

    • Removed loader route from the application routing configuration.
    • Reorganized guard file structure for improved maintainability.

Copilot AI review requested due to automatic review settings April 1, 2026 13:46
@coderabbitai

coderabbitai Bot commented Apr 1, 2026

Copy link
Copy Markdown

Caution

Review failed

Pull request was closed or merged during review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c1c5cd6e-8dc1-4a1b-b1f5-1a0beb5d401e

📥 Commits

Reviewing files that changed from the base of the PR and between f314fa8 and f09f0fc.

📒 Files selected for processing (5)
  • frontend/src/app/app-routing.module.ts
  • frontend/src/app/guards/auth.guard.spec.ts
  • frontend/src/app/guards/auth.guard.ts
  • frontend/src/app/guards/no-auth.guard.ts
  • frontend/src/app/routes/password-change.routes.ts

📝 Walkthrough

Walkthrough

Reorganized route guards into a dedicated directory structure, introduced a new noAuthGuard to prevent authenticated users from accessing login and registration routes, and updated import paths accordingly.

Changes

Cohort / File(s) Summary
Guard Directory Reorganization
frontend/src/app/app-routing.module.ts, frontend/src/app/routes/password-change.routes.ts
Updated AuthGuard import paths from relative locations to new guards/ subdirectory structure; no functional changes to route configurations or guard behavior.
New Authentication Prevention Guard
frontend/src/app/guards/no-auth.guard.ts
Added noAuthGuard route guard that reads token_expiration from localStorage and redirects authenticated (non-expired token) users to /connections-list, allowing unauthenticated users to proceed.
Route Guard Application
frontend/src/app/app-routing.module.ts
Applied noAuthGuard to registration and login routes via canActivate; removed unused loader route definition.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Guards arranged in folders neat,
Auth checks keeping paths discrete,
No sneaking past when tokens gleam,
Redirects flow like a well-oiled dream!

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title 'Fix authguard' is vague and generic—it doesn't specify what aspect of the auth guard is being fixed or what the main changes accomplish (e.g., reorganizing imports, adding a new noAuthGuard, improving route protection). Use a more specific title that describes the primary change, such as 'Refactor auth guards and add noAuthGuard for registration/login routes' to clearly convey the main objectives of the changeset.
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Security Check ✅ Passed The pull request implements secure authentication using HTTP-only cookies for JWT storage with proper backend validation, correctly separating UI state from security controls.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix-authguard

Comment @coderabbitai help to get the list of available commands and usage tips.

@lyubov-voloshko lyubov-voloshko merged commit 144d79f into main Apr 1, 2026
15 of 18 checks passed
@lyubov-voloshko lyubov-voloshko deleted the fix-authguard branch April 1, 2026 13:49

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates Angular route-guarding to fix AuthGuard imports/placement and to prevent authenticated users from accessing auth-only routes (e.g., login/registration).

Changes:

  • Move/update AuthGuard import usage to src/app/guards/auth.guard.ts and apply it to protected routes.
  • Introduce noAuthGuard to redirect authenticated users away from /login and /registration.
  • Update router config to apply noAuthGuard (and adjust guard ordering on /login).

Reviewed changes

Copilot reviewed 3 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
frontend/src/app/routes/password-change.routes.ts Updates AuthGuard import path to the new guards location.
frontend/src/app/guards/no-auth.guard.ts Adds a new functional guard that redirects logged-in users away from auth pages.
frontend/src/app/guards/auth.guard.ts Adds a new AuthGuard implementation based on token_expiration.
frontend/src/app/guards/auth.guard.spec.ts Adds an initial unit test scaffold for AuthGuard.
frontend/src/app/app-routing.module.ts Applies new guard wiring for /login and /registration and updates AuthGuard import.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

import { setupGuard } from './guards/setup.guard';

const routes: Routes = [
{ path: '', redirectTo: '/connections-list', pathMatch: 'full' },

Copilot AI Apr 1, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The /loader route was removed from the router config, but AppComponent still sets redirect_uri to ${location.origin}/loader (frontend/src/app/app.component.ts:68). If this is used as an OAuth/SSO redirect, removing the route will cause a 404/broken login flow; either restore the /loader route or update the redirect URI to an existing route.

Suggested change
{ path: '', redirectTo: '/connections-list', pathMatch: 'full' },
{ path: '', redirectTo: '/connections-list', pathMatch: 'full' },
{ path: 'loader', redirectTo: '/login', pathMatch: 'full' },

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants