import type { Router } from 'vue-router' import { useAuthStore } from '@/stores/useAuthStore' import { usePortalStore } from '@/stores/usePortalStore' const guestOnlyPaths = ['/login', '/wachtwoord-vergeten', '/wachtwoord-resetten', '/wachtwoord-instellen', '/verify-email-change'] // Old dashboard routes that need backward-compat redirects const dashboardRedirects: Record = { '/dashboard': '/evenementen', '/dashboard/my-shifts': '/evenementen', '/dashboard/claim-shifts': '/evenementen', } export function setupGuards(router: Router) { router.beforeEach(async (to, from) => { const authStore = useAuthStore() if (!authStore.isInitialized) { await authStore.initialize() } if (import.meta.env.DEV) { console.log('🔒 Router Guard:', { to: to.path, from: from.path, isAuthenticated: authStore.isAuthenticated, }) } // Hydrate portal data once after auth is confirmed if (authStore.isAuthenticated) { const portalStore = usePortalStore() await portalStore.hydrateIfNeeded() } // Backward-compat redirects for old dashboard routes const redirect = dashboardRedirects[to.path] if (redirect && authStore.isAuthenticated) { if (import.meta.env.DEV) console.log('🔄 Backward-compat redirect:', to.path, '→', redirect) return { path: redirect } } const requiresAuth = to.meta.requiresAuth === true // Public routes — no auth check needed if (!requiresAuth) { if (authStore.isAuthenticated && guestOnlyPaths.some(p => to.path === p || to.path.startsWith(`${p}/`))) { if (import.meta.env.DEV) console.log('🔄 Redirecting logged-in user away from login page') return { path: '/evenementen' } } if (import.meta.env.DEV) console.log('✅ Public route, allowing access') return } // Auth required — redirect to login if not authenticated if (!authStore.isAuthenticated) { if (import.meta.env.DEV) console.log('🚫 Not authenticated, redirecting to login') return { path: '/login', query: { to: to.fullPath } } } if (import.meta.env.DEV) console.log('✅ Access granted') }) }