0

Is there a more elegant way to prevent unauthorized access to an admin-only route than writing this in all of my admin routes?

export default Ember.Route.extend(AuthenticatedRouteMixin, {
  beforeModel: function(){
    if(!this.get('session.secure.admin')) this.transitionTo("dashboard");
  }
});

Perhaps it's possible to extend AuthenticatedRouteMixin itself to make this kind of check? Thanks!

Jordan Arsenault
  • 7,100
  • 8
  • 53
  • 96

1 Answers1

4

Why not just make the mixin?

import Ember from 'ember';
import AuthenticatedRouteMixin from 'wherever/it/is'.

const { Mixin } = Ember;

export default Mixin.create(AuthenticatedRouteMixin, {
  beforeModel(){
    if(!this.get('session.secure.admin')) {
      this.transitionTo("dashboard");
    }
  }
})

And then import it in your routes:

import Ember from 'ember';
import AdminCheckMixin from 'yourApp/mixins/routes/admin-check';

const { Route } = Ember;

export default Route.extend(AdminCheckMixin);
Patsy Issa
  • 11,113
  • 4
  • 55
  • 74
  • *Why not just make the mixin?* Because I started Ember yesterday and it's a lot to take in! Thanks for your help! – Jordan Arsenault Sep 07 '15 at 08:57
  • @JordanArseno Sorry assumed that you knew that from the title of your question, join us on the [ember community slack](https://ember-community-slackin.herokuapp.com/) – Patsy Issa Sep 07 '15 at 09:00
  • It seems to work, but, is `Mixin.create(target, extensionObj)` really a thing tho? See [official docs](http://emberjs.com/api/classes/Ember.Mixin.html#method_create) – Jordan Arsenault Sep 07 '15 at 09:00