Keystone-classic: Redirect non-administrators to custom route

Created on 22 Jun 2015  ·  15 Comments  ·  Source: keystonejs/keystone-classic

Hello. I'd like to redirect users who do not have access to Keystone to a custom route rather than display the login page with the message "You're already signed in". Is this possible and if so, what would you recommend? I've already tried something like...

app.get('/keystone/signin', function(req, res, next){
    //if user is logged in but does not have Keystone access, redirect
    next();
});

but I suspect the internals of keystone.start() are preventing this from taking effect.

All 15 comments

Have you taken a look at keystone middleware? A great example is located inside the keystone generator.

https://github.com/keystonejs/generator-keystone/blob/master/app/templates/routes/_index.js#L27

This isn't documented but keystone also comes with a requireUser function that may do what you are asking for.

https://github.com/keystonejs/generator-keystone/blob/master/app/templates/routes/_middleware.js#L64

Thanks for the quick reply. Yes, I've looked and tried with no success to implement my middleware...

In common middleware section of index.js

keystone.pre('render', middleware.nonAdminSignIn);

In middleware.js

exports.nonAdminSignIn = function(req, res, next) {

    console.log('HELLO');

    //TODO: If user does not have Keystone access, redirect to Dashboard

    next();

};

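Hey, so the user model comes with an isAdmin key you can use. You can try something like this:

exports.nonAdminSignIn = function(req, res, next) {
  // Signed-in users without admin rights go to their own dashboard
  if (req.user && !req.user.isAdmin) {
    return res.redirect('/your-dashboard');
  }
  // Everyone else (admins, anonymous visitors) continues down the chain
  next();
};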

This only works when the route accessed is not a Keystone route. I would like to redirect with this login if the route is /keystone/signin

So when a user that IS a keystone user but does NOT have keystone access tries to access /keystone/signin, they should be redirected to another dashboard?

Or does the user not have keystone access period?

They are indeed a user, but do not have access to the admin. Currently, these users log in and are left on the signin page with a message that they are already logged in.

I'm going to see if I can find a solution with editing the keystone node module. Is that something you'd be ok with though?

Yeah, that would be fine. Thank you

@offmadisonave easiest would be to use signin redirect: it's an option you can set as a string or a function which allows you to determine where the user is redirected to when authentication succeeds:

keystone.set('signin redirect', '/whatever/url/you/want');
// -or-
keystone.set('signin redirect', function(user, req, res){
  var url = (user.isAdmin) ? '/keystone' : '/whatever/url/you/want';
  res.redirect(url);
});

There's other approaches too, but I think this one should be most suited.

@creynders Exactly what I needed. Thank you so much.

@creynders I've tried using the function callback method, but it is not entering the function. It is supposed to give test in the console, but it didn't.

keystone.set('signin redirect', function(user, req, res){
  console.log('test');
  var url = (user.isAdmin) ? '/keystone' : '/schedule';
  res.redirect(url);
});

Would you please check this out!

@talon Did you use the string directly or use the function?

Where do you enter this info?

keystone.set('signin redirect', '/whatever/url/you/want');
keystone.set('signin redirect', function(user, req, res){
  var url = (user.isAdmin) ? '/keystone' : '/whatever/url/you/want';
  res.redirect(url);
});

In Keystone 4 it seems only
keystone.set('signin redirect', '/whatever/url/you/want'); works, not returning a function.

In Keystone 4 it seems only
keystone.set('signin redirect', '/whatever/url/you/want'); works, not returning a function.

Should this be included in the signin config in the node_modules/keystone ?
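
An added example, not part of the thread and not Keystone's own code: an Express-style guard for the sign-in URL that sends already-signed-in users to a fixed destination based on isAdmin, and always either redirects or calls next(). The option names (signinPath, adminHome, userHome) and the simulate helper are hypothetical, and it assumes the guard is registered ahead of whatever handles the sign-in path, which the thread does not confirm Keystone allows.

```javascript
// Added example: Express-style guard for the admin sign-in URL.
// Option names and paths are assumptions for this sketch.
function redirectNonAdmins(opts) {
  var signinPath = opts.signinPath; // e.g. '/keystone/signin'
  var adminHome = opts.adminHome;   // e.g. '/keystone'
  var userHome = opts.userHome;     // fixed value, never taken from the request

  return function (req, res, next) {
    // Only act on the sign-in page; every other route is untouched.
    if (req.path !== signinPath) return next();
    // Anonymous visitors still need to see the login form.
    if (!req.user) return next();
    // Strict comparison: a missing or merely truthy flag is not admin.
    var target = req.user.isAdmin === true ? adminHome : userHome;
    return res.redirect(target);
  };
}

// Constructed stand-ins for req/res so the guard can be exercised offline.
function simulate(guard, path, user) {
  var outcome = { redirectedTo: null, nextCalls: 0 };
  var req = { path: path, user: user };
  var res = { redirect: function (url) { outcome.redirectedTo = url; } };
  guard(req, res, function () { outcome.nextCalls += 1; });
  return outcome;
}

var guard = redirectNonAdmins({
  signinPath: '/keystone/signin',
  adminHome: '/keystone',
  userHome: '/your-dashboard'
});

// Constructed requests: non-admin, admin, anonymous, unrelated route.
console.log(simulate(guard, '/keystone/signin', { isAdmin: false }));
console.log(simulate(guard, '/keystone/signin', { isAdmin: true }));
console.log(simulate(guard, '/keystone/signin', undefined));
console.log(simulate(guard, '/blog', { isAdmin: false }));
```

The redirect only decides where a signed-in user lands; the admin routes still need their own isAdmin check on every request.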
