Flow-Router Question: Make an entire route group public?

a.com · July 3, 2016, 1:24pm

I have a FlowRouter setup that basically says:

“Make sure a user is signed in, and if they are not, re-route them to the login page. Do this for every route, except for this list of routes (then I have an array of hard-coded routes that are exempt from the signed in requirement)”

The code is below

My problem is that I’d like to give users a public profile page. These will be created dynamically, so I can’t continually hard code it into my array of exempt routes.

Ideally, I’d create a route group called “public” (or something) and put the “public” group into that array of exempt routes. But I’m pretty sure that I tried this and the exempt array only takes in specific routes and not the prefixes/groups…

Does anybody know the solution for this?

FlowRouter.triggers.enter([function(context, redirect){

    if(!Meteor.userId()) {
        FlowRouter.go('login');
    }


}], {except: [
    "sign-up",
    "login",
    "LandingPage",
]});




//***** ON LOGIN AND ON LOGOUT

// these methods need to run on the client
if(Meteor.isClient) {

    Accounts.onLogin(function(){
        FlowRouter.go('HomeDashboardPage');
    });

    Accounts.onLogout(function(){
        FlowRouter.go('login');
    });

}

a.com · July 3, 2016, 1:40pm

Well, it looks like this is not possible:

is there any reason this isn’t possible? Is it just too much work to implement or is there another reason?

This seems like a pretty standard use case to me

Has anyone found a workaround?

a.com · July 3, 2016, 1:50pm

It seems maybe the solution is to forget global triggers entirely and to put all the “is user signed in” checks into the templates? Maybe in their onRender/onCreated functions???

a.com · July 3, 2016, 1:57pm

Im sort of talking to myself at this point… but maybe the best thing to do is similar to what is proposed in the guide?

create a component that checks if they are logged in, then wrap every page that requires a login in that wrapper component? Then get rid of the global triggers?

EDIT:

Yes it seems this is the best route… create a wrapper that checks if the user is logged in, and then wrap every page that needs authorization inside of that “authorization” blaze template.

Cool.

If anybody reads this and thinks this is wrong, please do let me know!