[英]How to prevent certain users from accessing a route and any subroutes in React?
防止特定用户访问react-router中的路线及其任何子路线的最佳方法是什么?
例如,我有一个路由/admin/ ,它还有许多其他子路由,例如/admin/create-user 、 /admin/settings等。
是否有另一种方法可以阻止用户访问这些路由而不在每个组件上指示某些条件?
if (user.role.name !== "Admin") {
return (
<div className="error-page">
<h1>Sorry, you don't have rights to access this page.</h1>
</div>
);
} else {
// render admin component
}
您需要使用自定义的 ProtectedRoute 组件,并将所需的角色传递给此组件,无论用户是否可以 go 到该路由。
代码沙盒:
https://codesandbox.io/s/so-protect-route-roles-z7j3l
ProtectedRoute.js:
import React from "react";
import { Route, Redirect } from "react-router-dom";
import {user} from "./AuthService";
export const ProtectedRoute = ({
path,
component: Component,
render,
requiredRole,
...rest
}) => {
return (
<Route
path={path}
{...rest}
render={props => {
if (user.role.name === requiredRole) {
return Component ? <Component {...props} /> : render(props);
} else {
return <Redirect to="/error" />;
}
}}
/>
);
};
export default ProtectedRoute;
AuthService 就是这样,您需要对其进行修改以满足您的要求。
AuthService.js(您可以将角色更改为管理员,以使用它)
export const user = {
name: "User 1",
role:{
name: "User"
}
}
App.js(请注意,我们使用了 ProtectedRoute 组件,并将所需的角色传递给它)
import React, { Component } from "react";
import { BrowserRouter as Router, Link, Route } from "react-router-dom";
import Home from "./Home";
import User from "./User";
import Admin from "./Admin";
import Login from "./Login";
import ErrorPage from "./ErrorPage";
import ProtectedRoute from "./ProtectedRoute";
class App extends Component {
render() {
return (
<Router>
<div>
<ul>
<li>
<Link to="/">Home</Link>
</li>
<li>
<Link to="/user">User</Link>
</li>
<li>
<Link to="/admin">Admin</Link>
</li>
</ul>
<Route exact path="/" component={Home} />
<Route exact path="/login" component={Login} />
<Route exact path="/error" component={ErrorPage} />
<ProtectedRoute path="/user" component={User} requiredRole="User" />
<ProtectedRoute path="/admin" component={Admin} requiredRole="Admin" />
</div>
</Router>
);
}
}
export default App;
使用此设置,没有管理员角色的用户无法导航到管理员及其嵌套路由。
使用如图所示的 Route 组件
if(user.role.name !== "Admin") {
<Route path="/admin" component={Admin} />
} else {
<Redirect to="/" />
}
如果管理员显示组件,否则重定向到主页。
如何防止未登录的用户访问 admin 路由?
[英]How to prevent users who are not logged in from accessing the admin route?
如何防止用户在React Router V3中意外更改路由
[英]How to prevent users from accidental route change in react router v3
React Router V6:防止用户直接访问子路由并重定向到父路由
[英]React Router V6: prevent user from accessing children routes directly and redirect to parent route
如何防止feathers.js返回users路由中的所有用户
[英]How to prevent feathers.js from returning all users in the users route
除非发生某些事件,否则如何使所有用户无法访问 React 中的路由
[英]How to make a route in React inaccessible to all users except when certain events happen
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.