feat: hide restricted nav items for guest role #305
- Pass user prop from +layout.svelte to Navbar and MobileNav
- Show only Grading (/research) link in navbar for guest users
- All other nav items hidden for guest role
feat: add guest role with restricted access to /research only. #305
- Add guest role support in magic-login/+page.server.js
- Fix Directus array role ['Guest'] to string 'guest' with toLowerCase()
- Redirect guest users to /research after login
- Block guest access to all routes except /research in hooks.server.ts
- Add guest role check in +layout.server.js
refactor: replace hardcoded Directus URLs with env variable #314
Removes hardcoded Directus base URLs across the app and replaces them with
the PUBLIC_DIRECTUS_URL environment variable, making the app environment-aware.
refactor: use exact email match filter in profile load function #312
Updated filter from filter[email][_icontains] to filter[email][_eq]
Updated comment to reflect exact match behavior
feat: fetch user profile data from Directus API #312
Created profile/+page.server.js with async load function
Receives fetch and locals from SvelteKit context
Queries Directus API filtering footguard_users by logged-in user's email
Uses _icontains filter for case-insensitive email matching
Limits results to 1 users
feat: add authentication guard to profile routes #312
Created +layout.server.js with a load function
Checks for authenticated user in locals.user
Throws a 302 redirect to /login if user is not authenticated
fix: change the loading from in the profile page #312
Here I changed the loading in the profile page so it is dynamic instead of loading one special user
refactor: replace hardcoded Directus URLs with env variable #314
Removes hardcoded Directus base URLs across the app and replaces them with
the PUBLIC_DIRECTUS_URL environment variable, making the app environment-aware.
refactor: use exact email match filter in profile load function #312
Updated filter from filter[email][_icontains] to filter[email][_eq]
Updated comment to reflect exact match behavior
feat: fetch user profile data from Directus API #312
Created profile/+page.server.js with async load function
Receives fetch and locals from SvelteKit context
Queries Directus API filtering footguard_users by logged-in user's email
Uses _icontains filter for case-insensitive email matching
Limits results to 1 users
feat: add authentication guard to profile routes #312
Created +layout.server.js with a load function
Checks for authenticated user in locals.user
Throws a 302 redirect to /login if user is not authenticated
fix: change the loading from in the profile page #312
Here I changed the loading in the profile page so it is dynamic instead of loading one special user
Merge pull request #307 from fdnd-agency/288-documentation-addbasic-authentication-tests-for-magic-link-login
288 documentation addbasic authentication tests for magic link login
fix: change the location off the group link #278
Group page link component were previously loaded inside the ProfileInfo component
- Now they load at the profile page instead
fix(tests): limit vitest to unit and integration tests only. #288
Explicitly include only unit and integration test files
to prevent vitest from picking up playwright e2e tests.
Refs: #288
ci: add vitest and playwright e2e tests to pipeline #288
- Run unit and integration tests with vitest --run- Install chromium and firefox for playwright e2e
Refs: #288
test(e2e): add protected route redirect e2e tests. #288
These tests verify that unauthenticated users are redirected
to /login when visiting protected routes like /dashboard,
/research, and the root route.
Refs: #288
