From b884466f4cdf20eb71e7663d1744ecc619c8758b Mon Sep 17 00:00:00 2001
From: Beat YT <66485277+Beat-YT@users.noreply.github.com>
Date: Mon, 29 Jul 2024 00:21:54 -0400
Subject: [PATCH 1/2] =?UTF-8?q?fix(serverAdd):=20block=20server=20addition?=
 =?UTF-8?q?=20and=20selection=20when=20disallowed=20b=E2=80=A6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 frontend/src/plugins/router/middlewares/login.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/frontend/src/plugins/router/middlewares/login.ts b/frontend/src/plugins/router/middlewares/login.ts
index f7e1a0fe5e0..7e7bb98eb5c 100644
--- a/frontend/src/plugins/router/middlewares/login.ts
+++ b/frontend/src/plugins/router/middlewares/login.ts
@@ -24,6 +24,10 @@ export async function loginGuard(
 
   if (!isNil(remote.auth.currentServer) && !isNil(remote.auth.currentUser) && !isNil(remote.auth.currentUserToken) && routes.has(to.path)) {
     destinationRoute = { path: '/', replace: true };
+  } else if (to.path === serverAddUrl && remote.auth.servers.length > 0 || to.path === serverSelectUrl) {
+    if (!jsonConfig.allowServerSelection) {
+      destinationRoute = { path: serverLoginUrl, replace: true };
+    }
   }
 
   if (remote.auth.servers.length <= 0 && jsonConfig.defaultServerURLs.length <= 0) {

From ab9aebe8556da27ff679a3a9611bbeb75744e7e4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fernando=20Fern=C3=A1ndez?= <ferferga@hotmail.com>
Date: Fri, 9 Aug 2024 18:09:36 +0200
Subject: [PATCH 2/2] refactor: simplify loginGuard logic

---
 .../src/plugins/router/middlewares/login.ts   | 58 +++++++++++--------
 1 file changed, 34 insertions(+), 24 deletions(-)

diff --git a/frontend/src/plugins/router/middlewares/login.ts b/frontend/src/plugins/router/middlewares/login.ts
index 7e7bb98eb5c..2b3c6fd18df 100644
--- a/frontend/src/plugins/router/middlewares/login.ts
+++ b/frontend/src/plugins/router/middlewares/login.ts
@@ -11,7 +11,17 @@ import { getJSONConfig } from '@/utils/external-config';
 const serverAddUrl = '/server/add';
 const serverSelectUrl = '/server/select';
 const serverLoginUrl = '/server/login';
-const routes = new Set([serverAddUrl, serverSelectUrl, serverLoginUrl]);
+const serverRoutes = new Set([serverAddUrl, serverSelectUrl]);
+const routes = new Set([...serverRoutes, serverLoginUrl]);
+
+/**
+ * Performs the login guard redirection ensuring no redirection loops happen
+ */
+function doRedir(dest: RouteLocationPathRaw, to: RouteLocationNormalized) {
+  return to.path === dest.path
+    ? true
+    : dest;
+}
 
 /**
  * Redirects to login page if there's no user logged in.
@@ -19,34 +29,34 @@ const routes = new Set([serverAddUrl, serverSelectUrl, serverLoginUrl]);
 export async function loginGuard(
   to: RouteLocationNormalized
 ): Promise<boolean | RouteLocationRaw> {
-  let destinationRoute: RouteLocationPathRaw | undefined;
   const jsonConfig = await getJSONConfig();
 
-  if (!isNil(remote.auth.currentServer) && !isNil(remote.auth.currentUser) && !isNil(remote.auth.currentUserToken) && routes.has(to.path)) {
-    destinationRoute = { path: '/', replace: true };
-  } else if (to.path === serverAddUrl && remote.auth.servers.length > 0 || to.path === serverSelectUrl) {
-    if (!jsonConfig.allowServerSelection) {
-      destinationRoute = { path: serverLoginUrl, replace: true };
-    }
+  if (jsonConfig.defaultServerURLs.length && isNil(remote.auth.currentServer)) {
+    await until(() => remote.auth.currentServer).toBeTruthy({ flush: 'pre' });
   }
 
-  if (remote.auth.servers.length <= 0 && jsonConfig.defaultServerURLs.length <= 0) {
-    destinationRoute = { path: serverAddUrl, replace: true };
-  } else if (!routes.has(to.path)) {
-    if (isNil(remote.auth.currentServer)) {
-      if (jsonConfig.allowServerSelection) {
-        destinationRoute = { path: serverSelectUrl, replace: true };
-      } else {
-        await until(() => remote.auth.currentServer).toBeTruthy({ flush: 'pre' });
+  if (
+    (
+      !jsonConfig.allowServerSelection
+      && serverRoutes.has(to.path)
+    )
+    || (
+      !isNil(remote.auth.currentServer)
+      && !isNil(remote.auth.currentUser)
+      && !isNil(remote.auth.currentUserToken)
+      && routes.has(to.path)
+    )
+  ) {
+    return doRedir({ path: '/', replace: true }, to);
+  }
 
-        return loginGuard(to);
-      }
-    } else if (isNil(remote.auth.currentUser)) {
-      destinationRoute = { path: serverLoginUrl, replace: true };
-    }
+  if (!remote.auth.servers.length) {
+    return doRedir({ path: serverAddUrl, replace: true }, to);
+  } else if (isNil(remote.auth.currentServer)) {
+    return doRedir({ path: serverSelectUrl, replace: true }, to);
+  } else if (isNil(remote.auth.currentUser)) {
+    return doRedir({ path: serverLoginUrl, replace: true }, to);
   }
 
-  return destinationRoute && to.path !== destinationRoute.path
-    ? destinationRoute
-    : true;
+  return true;
 }