Implement guards to disallow certain pages based on login state

Closes #37

src/app/api/guards/admin-authentication.guard.ts

@@ -0,0 +1,17 @@
+import {CanActivateFn, Router} from "@angular/router";
+import {inject} from "@angular/core";
+import {AuthService} from "../auth.service";
+import {BannerService} from "../../banners/banner.service";
+import {ExtendedUser} from "../types/extended-user";
+import {UserRoles} from "../types/user-roles";
+
+export const adminAuthenticationGuard: CanActivateFn = () => {
+  const user: ExtendedUser | undefined = inject(AuthService).user;
+  if(!user || user.role < UserRoles.Admin) {
+    inject(Router).navigate(['/']);
+    inject(BannerService).pushError("Unauthorized", "You lack the permissions to view this page.")
+    return false;
+  }
+
+  return true;
+}

src/app/api/guards/authentication.guard.ts

@@ -0,0 +1,17 @@
+import {CanActivateFn, Router} from "@angular/router";
+import {AuthService} from "../auth.service";
+import {inject} from "@angular/core";
+import {BannerService} from "../../banners/banner.service";
+
+// Adapted from SoundShapes-web
+// https://github.com/turecross321/soundshapes-web/blob/master/src/app/auth/auth.guard.ts
+
+export const authenticationGuard: CanActivateFn = () => {
+  if(!inject(AuthService).user) {
+    inject(Router).navigate(['/login']);
+    inject(BannerService).pushWarning("Not logged in", "This page requires that you log in or register.")
+    return false;
+  }
+
+  return true;
+}

src/app/api/guards/no-authentication.guard.ts

@@ -0,0 +1,14 @@
+import {CanActivateFn, Router} from "@angular/router";
+import {ExtendedUser} from "../types/extended-user";
+import {inject} from "@angular/core";
+import {AuthService} from "../auth.service";
+
+export const noAuthenticationGuard: CanActivateFn = () => {
+  const user: ExtendedUser | undefined = inject(AuthService).user;
+  if(user) {
+    inject(Router).navigate(['/']);
+    return false;
+  }
+
+  return true;
+}

src/app/app-routing.module.ts

@@ -26,6 +26,9 @@ import {DeleteAccountComponent} from "./pages/delete-account/delete-account.comp
 import {AdminRegistrationsComponent} from "./pages/admin-registrations/admin-registrations.component";
 import {AdminUsersComponent} from "./pages/admin-users/admin-users.component";
 import {EditLevelComponent} from "./pages/edit-level/edit-level.component";
+import {authenticationGuard} from "./api/guards/authentication.guard";
+import {adminAuthenticationGuard} from "./api/guards/admin-authentication.guard";
+import {noAuthenticationGuard} from "./api/guards/no-authentication.guard";
 
 const routes: Routes = [
   { path: "", component: MainComponent },
@@ -35,38 +38,39 @@ const routes: Routes = [
 
   { path: "levels/:route", component: LevelListingComponent },
   { path: "level/:id", component: LevelComponent },
-  { path: "level/:id/edit", component: EditLevelComponent },
+  { path: "level/:id/edit", component: EditLevelComponent, canActivate: [authenticationGuard] },
   { path: "slot/:id", redirectTo: "level/:id" },
   { path: "slot/:id/edit", redirectTo: "level/:id/edit" },
 
   { path: "user/:username", component: UserComponent },
   { path: "u/:uuid", component: UserComponent },
-  { path: "login", component: LoginComponent },
-  { path: "logout", component: LogoutComponent },
+
+  { path: "login", component: LoginComponent, canActivate: [noAuthenticationGuard] },
+  { path: "logout", component: LogoutComponent, canActivate: [authenticationGuard] },
   { path: "forgotPassword", component: ForgotPasswordComponent },
+  { path: "register", component: RegisterComponent, canActivate: [noAuthenticationGuard] },
 
-  { path: "settings", component: SettingsComponent },
-  { path: "settings/delete", component: DeleteAccountComponent },
+  { path: "settings", component: SettingsComponent, canActivate: [authenticationGuard] },
+  { path: "settings/delete", component: DeleteAccountComponent, canActivate: [authenticationGuard] },
   { path: "verify", redirectTo: "settings/verifyEmail" },
-  { path: "settings/verifyEmail", component: VerifyComponent },
+  { path: "settings/verifyEmail", component: VerifyComponent, canActivate: [authenticationGuard] },
+  { path: "auth", redirectTo: "settings/authentication" },
   { path: "authentication", redirectTo: "settings/authentication" },
-  { path: "settings/authentication", component: AuthenticationComponent },
+  { path: "settings/authentication", component: AuthenticationComponent, canActivate: [authenticationGuard] },
 
   { path: "photos", component: PhotoListingComponent },
   { path: "photo/:id", component: PhotoPageComponent },
-  { path: "notifications", component: NotificationListingComponent },
+  { path: "notifications", component: NotificationListingComponent, canActivate: [authenticationGuard] },
   { path: "activity", component: ActivityComponent },
   { path: "docs", redirectTo: "documentation" },
   { path: "documentation", component: DocumentationComponent },
-  { path: "auth", redirectTo: "authentication" },
-  { path: "register", component: RegisterComponent },
 
-  { path: "admin", component: AdminPanelComponent },
-  { path: "admin/level/:id", component: AdminLevelComponent },
-  { path: "admin/user/:uuid", component: AdminUserComponent },
-  { path: "admin/users", component: AdminUsersComponent },
+  { path: "admin", component: AdminPanelComponent, canActivate: [adminAuthenticationGuard] },
+  { path: "admin/level/:id", component: AdminLevelComponent, canActivate: [adminAuthenticationGuard] },
+  { path: "admin/user/:uuid", component: AdminUserComponent, canActivate: [adminAuthenticationGuard] },
+  { path: "admin/users", component: AdminUsersComponent, canActivate: [adminAuthenticationGuard] },
   { path: "admin/registrations", redirectTo: "admin/queuedRegistrations" },
-  { path: "admin/queuedRegistrations", component: AdminRegistrationsComponent },
+  { path: "admin/queuedRegistrations", component: AdminRegistrationsComponent, canActivate: [adminAuthenticationGuard] },
 ];
 
 if(isDevMode()) {