edit

Redirect Middlewares

Included in the AuthProvider package are RedirectMiddleware and InverseRedirectMiddleware classes that will help you redirect unauthenticated or authenticated requests to a given path. This is especially useful for redirecting users away from secure pages to a login page and vice versa.

Redirect Middleware

Let's take a look at how to add a RedirectMiddleware to your application.

Existing Auth

Since we only want this middleware to apply to secure pages, we'll apply it using route groups.

You should already have a protected area in your application using one of the authentication middlewares.

import Vapor
import AuthProvider

let drop = try Droplet()

drop.get("login") { req in
    return // some login form
}

let auth = TokenAuthenticationMiddleware(User.self)
let protected = drop.grouped([auth])
protected.get("secure") { req in
    let user = try req.auth.assertAuthenticated(User.self)
    return "Welcome to the secure page, \(user.name)"
}

The above snippet protects access to the page at GET /secure using the TokenAuthenticationMiddleware.

Since we've applied TokenAuthenticationMiddleware, this page cannot be accessed by anyone not authenticated. Although this is perfectly secure, we should provide a better experience for unauthenticated users. Instead of just showing them an error message, we can redirect them to the login page.

Add Redirect

Creating a redirect middleware is very simple. We'll use one of the presets for redirecting a user to /login.

let redirect = RedirectMiddleware.login()

Now we just need to add this redirect middleware to our protected route group mentioned previously.

let protected = drop.grouped([redirect, auth])

Warning

Make sure the redirect middleware comes before the auth middleware.

Complete Example

Now whenever an unauthenticated user attemps to visit GET /secure, they will be redirected to GET /login.

import Vapor
import AuthProvider

let drop = try Droplet()

let redirect = RedirectMiddleware.login()
let auth = TokenAuthenticationMiddleware(TestUser.self)

let protected = drop.grouped([redirect, auth])
protected.get { req in
    let user = try req.auth.assertAuthenticated(TestUser.self)
    return "Welcome to the dashboard, \(user.name)"
}

Custom Route

If your login page is not /login or you'd like the redirect middleware to redirect to a different type of page, simply use the full initializer.

let redirect = RedirectMiddleware(path: "/foo")

Inverse Redirect Middleware

Complementary to the RedirectMiddleware is the InverseRedirectMiddleware. Just like you want to redirect unauthenticated users away from secure pages, you also might want to redirect authenticated users away from certain pages.

For example, if a user is already authenticated and they visit the login page, they might be confused and attempt to login again.

Example

Here is an example of the InverseRedirectMiddleware being used to redirect authenticated Users away from the login page.

We are using the preset .home() convenience, which redirects the user to GET /.

import Vapor
import AuthProvider

let drop = try Droplet()

let redirect = InverseRedirectMiddleware.home(User.self)
let group = drop.grouped([redirect])
group.get("login") { req in
    return "Please login"
}

Custom Route

If your desired page is not / or you'd like the inverse redirect middleware to redirect to a different type of page, simply use the full initializer.

let redirect = InverseRedirectMiddleware(User.self, path: "/foo")