Home / Questions / 563446
Accepted
Daniel Rivas
Asked: 2022-10-21 16:22:41 +0800 CST 2022-10-21 16:22:41 +0800 CST

How to block access to a URL if you have not logged in

  • 772

I have a JavaScript project that consumes an API which sends a specific responseCode and returns the role, according to that role, it is redirected to the page that the user should see, but I need that when placing the URL it does not allow him to see unless logged in, if not logged in, return to login.

if (code == 0) {

    console.log('Usuario existe con rol: ' + rol, ' El mensaje del API fue: ' + message);

    if (rol == 'Administrador') {
        window.location.href = 'support/management/dashboard.html';
    } else {
        window.location.href = 'support/user/home.html?auth=true';
    }
} else {
    console.log('No permisos');

    Swal.fire({
        icon: 'error',
        title: 'Oops...',
        text: 'Usuario y/o Contraseña Incorrecto, verifique.'
    });
}

This would be basic JavaScript logic, and I'd like any page other than index.html not to be accessible unless logged in.

javascript

1 Answers

  1. Best Answer

    You can save the role in localStorage. Basically it saves data that persists ( here more info

    keep it like this

    if (code == 0) {
    localStorage.setItem('rol', rol)
    // ... el resto de tu código
}

    Then in each htmlyou can do get the rolfrom thelocalStorage

    const rol = localStorage.get('rol')

    and validate according to what you need

    if(rol === undefined) {
    //Significa que no se ha logueado porque no se ha guardado la variable
    window.location.href = 'login.html'
}

    either

    if(rol !== 'administrador') {
    //Solo administradores pueden ver esto
    window.location.href = 'index.html'
}

    NOTE

    The variable will persist localStorageuntil it is deleted. For that you can create an action log outand once you do it delete the variable.

    localStorage.removeItem('rol');

    Also if you want to only keep the variable in which the tab is open and once closed it is deleted, you can use sessionStorage (more info about sessionStorage)

    • 2