julius/cutt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: julius:43f9b0d47cec867596f20606cb0f6bc3691b011b
Branches Tags
julius:main
julius:feat/interactive_network
julius:feat/security
julius:floating_button
..
compare: julius:d3daa83d68228557ad7db43e9a52a21af2f98620
Branches Tags
julius:main
julius:feat/interactive_network
julius:feat/security
julius:floating_button

No commits in common. "43f9b0d47cec867596f20606cb0f6bc3691b011b" and "d3daa83d68228557ad7db43e9a52a21af2f98620" have entirely different histories.
43f9b0d47c ... d3daa83d68

11 changed files with 180 additions and 446 deletions
Show Stats Expand all files Collapse all files

5
cutt/analysis.py
View File

@ -70,10 +70,7 @@ def graph_json(
.where(Team.id == request.team_id, P.disabled == False) .where(Team.id == request.team_id, P.disabled == False)
).all() ).all()
if not players: if not players:
raise HTTPException( raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
status_code=status.HTTP_404_NOT_FOUND,
detail="no players found in your team",
)
for p in players: for p in players:
player_map[p.id] = p.display_name player_map[p.id] = p.display_name
nodes.append({"id": p.display_name, "label": p.display_name}) nodes.append({"id": p.display_name, "label": p.display_name})

19
cutt/main.py
View File

@ -1,6 +1,6 @@
from typing import Annotated from typing import Annotated
from fastapi import APIRouter, Depends, FastAPI, HTTPException, Security, status from fastapi import APIRouter, Depends, FastAPI, HTTPException, Security, status
from fastapi.responses import FileResponse, JSONResponse from fastapi.responses import JSONResponse
from fastapi.staticfiles import StaticFiles from fastapi.staticfiles import StaticFiles
from cutt.db import Player, Team, Chemistry, MVPRanking, engine from cutt.db import Player, Team, Chemistry, MVPRanking, engine
from sqlmodel import ( from sqlmodel import (
@ -14,7 +14,6 @@ from cutt.security import (
get_current_active_user, get_current_active_user,
login_for_access_token, login_for_access_token,
logout, logout,
register,
set_first_password, set_first_password,
) )
from cutt.player import player_router from cutt.player import player_router
@ -178,20 +177,6 @@ api_router.include_router(team_router, dependencies=[Depends(get_current_active_
api_router.include_router(analysis_router) api_router.include_router(analysis_router)
api_router.add_api_route("/token", endpoint=login_for_access_token, methods=["POST"]) api_router.add_api_route("/token", endpoint=login_for_access_token, methods=["POST"])
api_router.add_api_route("/set_password", endpoint=set_first_password, methods=["POST"]) api_router.add_api_route("/set_password", endpoint=set_first_password, methods=["POST"])
api_router.add_api_route("/register", endpoint=register, methods=["POST"])
api_router.add_api_route("/logout", endpoint=logout, methods=["POST"]) api_router.add_api_route("/logout", endpoint=logout, methods=["POST"])
app.include_router(api_router) app.include_router(api_router)
app.mount("/", SPAStaticFiles(directory="dist", html=True), name="site")
# app.mount("/", SPAStaticFiles(directory="dist", html=True), name="site")
@app.get("/")
async def root():
return FileResponse("dist/index.html")
@app.exception_handler(404)
async def exception_404_handler(request, exc):
return FileResponse("dist/index.html")
app.mount("/", StaticFiles(directory="dist"), name="ui")

17
cutt/player.py
View File

@ -145,22 +145,8 @@ async def list_all_players():
return session.exec(select(P)).all() return session.exec(select(P)).all()
async def list_players( async def list_players(team_id: int):
team_id: int, user: Annotated[Player, Depends(get_current_active_user)]
):
with Session(engine) as session: with Session(engine) as session:
current_user = session.exec(
select(P)
.join(PlayerTeamLink)
.join(Team)
.where(Team.id == team_id, P.disabled == False, P.id == user.id)
).one_or_none()
if not current_user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="you're not in this team",
)
players = session.exec( players = session.exec(
select(P) select(P)
.join(PlayerTeamLink) .join(PlayerTeamLink)
@ -201,6 +187,7 @@ player_router.add_api_route(
"/{team_id}/list", "/{team_id}/list",
endpoint=list_players, endpoint=list_players,
methods=["GET"], methods=["GET"],
dependencies=[Depends(get_current_active_user)],
) )
player_router.add_api_route( player_router.add_api_route(
"/list", "/list",

174
cutt/security.py
View File

@ -6,7 +6,7 @@ from pydantic import BaseModel, ValidationError
import jwt import jwt
from jwt.exceptions import ExpiredSignatureError, InvalidTokenError from jwt.exceptions import ExpiredSignatureError, InvalidTokenError
from sqlmodel import Session, select from sqlmodel import Session, select
from cutt.db import PlayerTeamLink, Team, TokenDB, engine, Player from cutt.db import TokenDB, engine, Player
from fastapi.security import ( from fastapi.security import (
OAuth2PasswordBearer, OAuth2PasswordBearer,
OAuth2PasswordRequestForm, OAuth2PasswordRequestForm,
@ -16,8 +16,6 @@ from pydantic_settings import BaseSettings, SettingsConfigDict
from passlib.context import CryptContext from passlib.context import CryptContext
from sqlalchemy.exc import OperationalError from sqlalchemy.exc import OperationalError
P = Player
class Config(BaseSettings): class Config(BaseSettings):
secret_key: str = "" secret_key: str = ""
@ -210,94 +208,72 @@ async def logout(response: Response):
return {"message": "Successfully logged out"} return {"message": "Successfully logged out"}
def set_password_token(username: str): def generate_one_time_token(username):
user = get_user(username) user = get_user(username)
if user: if user:
expire = timedelta(days=30) expire = timedelta(days=7)
token = create_access_token( token = create_access_token(
data={ data={"sub": username, "name": user.display_name},
"sub": "set password",
"username": username,
"name": user.display_name,
},
expires_delta=expire, expires_delta=expire,
) )
return token return token
def register_token(team_id: int):
with Session(engine) as session:
team = session.exec(select(Team).where(Team.id == team_id)).one()
if team:
expire = timedelta(days=30)
token = create_access_token(
data={"sub": "register", "team_id": team_id, "name": team.name},
expires_delta=expire,
)
return token
def verify_one_time_token(token: str):
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="could not validate token",
)
with Session(engine) as session:
token_in_db = session.exec(
select(TokenDB).where(TokenDB.token == token).where(TokenDB.used == False)
).one_or_none()
if token_in_db:
try:
payload = jwt.decode(token, config.secret_key, algorithms=["HS256"])
return payload
except ExpiredSignatureError:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="access token expired",
)
except (InvalidTokenError, ValidationError):
raise credentials_exception
elif session.exec(
select(TokenDB).where(TokenDB.token == token).where(TokenDB.used == True)
).one_or_none():
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="token already used",
)
else:
raise credentials_exception
def invalidate_one_time_token(token: str):
with Session(engine) as session:
token_in_db = session.exec(select(TokenDB).where(TokenDB.token == token)).one()
token_in_db.used = True
session.add(token_in_db)
session.commit()
class FirstPassword(BaseModel): class FirstPassword(BaseModel):
token: str token: str
password: str password: str
async def set_first_password(req: FirstPassword): async def set_first_password(req: FirstPassword):
payload = verify_one_time_token(req.token) credentials_exception = HTTPException(
action: str = payload.get("sub") status_code=status.HTTP_401_UNAUTHORIZED,
if action != "set password": detail="Could not validate token",
)
with Session(engine) as session:
token_in_db = session.exec(
select(TokenDB)
.where(TokenDB.token == req.token)
.where(TokenDB.used == False)
).one_or_none()
if token_in_db:
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Could not validate token",
)
try:
payload = jwt.decode(req.token, config.secret_key, algorithms=["HS256"])
username: str = payload.get("sub")
if username is None:
raise credentials_exception
except ExpiredSignatureError:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED, status_code=status.HTTP_401_UNAUTHORIZED,
detail="wrong type of token.", detail="Access token expired",
) )
username: str = payload.get("username") except (InvalidTokenError, ValidationError):
with Session(engine) as session: raise credentials_exception
user = get_user(username) user = get_user(username)
if user: if user:
user.hashed_password = get_password_hash(req.password) user.hashed_password = get_password_hash(req.password)
session.add(user) session.add(user)
token_in_db.used = True
session.add(token_in_db)
session.commit() session.commit()
invalidate_one_time_token(req.token) return Response(
return Response("password set successfully", status_code=status.HTTP_200_OK) "Password set successfully", status_code=status.HTTP_200_OK
)
elif session.exec(
select(TokenDB)
.where(TokenDB.token == req.token)
.where(TokenDB.used == True)
).one_or_none():
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Token already used",
)
else:
raise credentials_exception
class ChangedPassword(BaseModel): class ChangedPassword(BaseModel):
@ -319,73 +295,17 @@ async def change_password(
session.add(user) session.add(user)
session.commit() session.commit()
return PlainTextResponse( return PlainTextResponse(
"password changed successfully", "Password changed successfully",
status_code=status.HTTP_200_OK, status_code=status.HTTP_200_OK,
media_type="text/plain", media_type="text/plain",
) )
else: else:
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail="wrong password", detail="Wrong password",
) )
class RegisterRequest(BaseModel):
token: str
team_id: int
display_name: str
username: str
password: str
email: str | None
number: str | None
async def register(req: RegisterRequest):
payload = verify_one_time_token(req.token)
action: str = payload.get("sub")
if action != "register":
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="wrong type of token.",
)
team_id: int = payload.get("team_id")
if team_id != req.team_id:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="wrong team",
)
with Session(engine) as session:
if session.exec(select(P).where(P.username == req.username)).one_or_none():
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="username exists",
)
stmt = (
select(P)
.join(PlayerTeamLink)
.join(Team)
.where(Team.id == team_id, P.display_name == req.display_name)
)
if session.exec(stmt).one_or_none():
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="the name is already taken on this team",
)
team = session.exec(select(Team).where(Team.id == team_id)).one()
new_player = Player(
username=req.username,
display_name=req.display_name,
email=req.email if req.email else None,
number=req.number,
disabled=False,
teams=[team],
)
session.add(new_player)
session.commit()
invalidate_one_time_token(req.token)
return PlainTextResponse(f"added {new_player.display_name}")
async def read_player_me( async def read_player_me(
current_user: Annotated[Player, Depends(get_current_active_user)], current_user: Annotated[Player, Depends(get_current_active_user)],
): ):

12
src/App.tsx
View File

@ -9,7 +9,7 @@ import { GraphComponent } from "./Network";
import MVPChart from "./MVPChart"; import MVPChart from "./MVPChart";
import { SetPassword } from "./SetPassword"; import { SetPassword } from "./SetPassword";
import { ThemeProvider } from "./ThemeProvider"; import { ThemeProvider } from "./ThemeProvider";
import TeamPanel from "./TeamPanel"; import { TeamPanel } from "./TeamPanel";
const Maintenance = () => { const Maintenance = () => {
return ( return (
@ -34,11 +34,11 @@ function App() {
<Header /> <Header />
<Routes> <Routes>
<Route index element={<Rankings />} /> <Route index element={<Rankings />} />
<Route path="network" element={<GraphComponent />} /> <Route path="/network" element={<GraphComponent />} />
<Route path="analysis" element={<Analysis />} /> <Route path="/analysis" element={<Analysis />} />
<Route path="mvp" element={<MVPChart />} /> <Route path="/mvp" element={<MVPChart />} />
<Route path="changepassword" element={<SetPassword />} /> <Route path="/changepassword" element={<SetPassword />} />
<Route path="team" element={<TeamPanel />} /> <Route path="/team" element={<TeamPanel />} />
</Routes> </Routes>
<Footer /> <Footer />
</SessionProvider> </SessionProvider>

3
src/Avatar.tsx
View File

@ -148,10 +148,11 @@ export default function Avatar() {
return ( return (
<> <>
<div className="avatars" style={{ display: user ? "block" : "none" }}> <div className="avatars">
<div <div
className="avatar" className="avatar"
onContextMenu={handleMenuClick} onContextMenu={handleMenuClick}
style={{ display: user ? "block" : "none" }}
onClick={(event) => { onClick={(event) => {
if (contextMenu.open && event.target === avatarRef.current) { if (contextMenu.open && event.target === avatarRef.current) {
handleMenuClose(); handleMenuClose();

8
src/MVPChart.tsx
View File

@ -3,7 +3,6 @@ import { apiAuth } from "./api";
import { PlayerRanking } from "./types"; import { PlayerRanking } from "./types";
import RaceChart from "./RaceChart"; import RaceChart from "./RaceChart";
import { useSession } from "./Session"; import { useSession } from "./Session";
import { useNavigate } from "react-router";
const MVPChart = () => { const MVPChart = () => {
let initialData = {} as PlayerRanking[]; let initialData = {} as PlayerRanking[];
@ -11,12 +10,7 @@ const MVPChart = () => {
const [loading, setLoading] = useState(true); const [loading, setLoading] = useState(true);
const [error, setError] = useState(""); const [error, setError] = useState("");
const [showStd, setShowStd] = useState(false); const [showStd, setShowStd] = useState(false);
const { user, teams } = useSession(); const { teams } = useSession();
const navigate = useNavigate();
useEffect(() => {
user?.scopes.includes(`team:${teams?.activeTeam}`) ||
navigate("/", { replace: true });
}, [user]);
async function loadData() { async function loadData() {
setLoading(true); setLoading(true);

8
src/Network.tsx
View File

@ -11,7 +11,6 @@ import {
} from "reagraph"; } from "reagraph";
import { customTheme } from "./NetworkTheme"; import { customTheme } from "./NetworkTheme";
import { useSession } from "./Session"; import { useSession } from "./Session";
import { useNavigate } from "react-router";
interface NetworkData { interface NetworkData {
nodes: GraphNode[]; nodes: GraphNode[];
@ -46,12 +45,7 @@ export const GraphComponent = () => {
const [likes, setLikes] = useState(2); const [likes, setLikes] = useState(2);
const [popularity, setPopularity] = useState(false); const [popularity, setPopularity] = useState(false);
const [mutuality, setMutuality] = useState(false); const [mutuality, setMutuality] = useState(false);
const { user, teams } = useSession(); const { teams } = useSession();
const navigate = useNavigate();
useEffect(() => {
user?.scopes.includes(`team:${teams?.activeTeam}`) ||
navigate("/", { replace: true });
}, [user]);
async function loadData() { async function loadData() {
setLoading(true); setLoading(true);

4
src/Session.tsx
View File

@ -62,10 +62,8 @@ export function SessionProvider(props: SessionProviderProps) {
useEffect(() => { useEffect(() => {
loadUser(); loadUser();
}, []);
useEffect(() => {
loadTeam(); loadTeam();
}, [user]); }, []);
function onLogin(user: User) { function onLogin(user: User) {
setUser(user); setUser(user);

267
src/SetPassword.tsx
View File

@ -1,29 +1,17 @@
import { jwtDecode, JwtPayload } from "jwt-decode"; import { jwtDecode, JwtPayload } from "jwt-decode";
import { ReactNode, useEffect, useState } from "react"; import { useEffect, useState } from "react";
import { apiAuth, baseUrl, User } from "./api"; import { apiAuth, baseUrl } from "./api";
import { useNavigate } from "react-router"; import { useNavigate } from "react-router";
import { Eye, EyeSlash } from "./Icons"; import { Eye, EyeSlash } from "./Icons";
import { useSession } from "./Session"; import { useSession } from "./Session";
import { relative } from "path";
import Header from "./Header";
interface PassToken extends JwtPayload { interface SetPassToken extends JwtPayload {
username: string;
name: string; name: string;
team_id: number;
}
enum Mode {
register = "register",
set = "set password",
change = "change password",
} }
export const SetPassword = () => { export const SetPassword = () => {
const [mode, setMode] = useState<Mode>();
const [name, setName] = useState("after getting your token."); const [name, setName] = useState("after getting your token.");
const [username, setUsername] = useState(""); const [username, setUsername] = useState("");
const [teamID, setTeamID] = useState<number>();
const [currentPassword, setCurrentPassword] = useState(""); const [currentPassword, setCurrentPassword] = useState("");
const [password, setPassword] = useState(""); const [password, setPassword] = useState("");
const [passwordr, setPasswordr] = useState(""); const [passwordr, setPasswordr] = useState("");
@ -31,22 +19,36 @@ export const SetPassword = () => {
const [error, setError] = useState(""); const [error, setError] = useState("");
const [loading, setLoading] = useState(false); const [loading, setLoading] = useState(false);
const [visible, setVisible] = useState(false); const [visible, setVisible] = useState(false);
const newPlayerTemplate = {
username: "",
display_name: "",
number: "",
email: "",
} as User;
const [player, setPlayer] = useState(newPlayerTemplate);
const navigate = useNavigate(); const navigate = useNavigate();
const { user } = useSession(); const { user } = useSession();
useEffect(() => {
if (user) {
setUsername(user.username);
setName(user.display_name);
} else {
const params = new URLSearchParams(window.location.search);
const token = params.get("token");
if (token) {
setToken(token);
try {
const payload = jwtDecode<SetPassToken>(token);
if (payload.name) setName(payload.name);
else if (payload.sub) setName(payload.sub);
else setName("Mr. I-have-no Token");
payload.sub && setUsername(payload.sub);
} catch (InvalidTokenError) {
setName("Mr. I-have-no-valid Token");
}
}
}
}, []);
async function handleSubmit(e: React.FormEvent) { async function handleSubmit(e: React.FormEvent) {
e.preventDefault(); e.preventDefault();
if (password === passwordr) { if (password === passwordr) {
setLoading(true); setLoading(true);
if (mode === Mode.change) { if (user) {
//====CHANGING PASSWORD====
const resp = await apiAuth( const resp = await apiAuth(
"player/change_password", "player/change_password",
{ current_password: currentPassword, new_password: password }, { current_password: currentPassword, new_password: password },
@ -58,8 +60,7 @@ export const SetPassword = () => {
setError(resp); setError(resp);
setTimeout(() => navigate("/"), 2000); setTimeout(() => navigate("/"), 2000);
} }
} else if (mode === Mode.set) { } else {
//====SETTING PASSWORD====
const req = new Request(`${baseUrl}api/set_password`, { const req = new Request(`${baseUrl}api/set_password`, {
method: "POST", method: "POST",
headers: { headers: {
@ -91,105 +92,43 @@ export const SetPassword = () => {
throw new Error("Unauthorized"); throw new Error("Unauthorized");
} }
} }
} else if (mode === Mode.register) {
//====REGISTER NEW USER====
const req = new Request(`${baseUrl}api/register`, {
method: "POST",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify({
...player,
team_id: teamID,
token: token,
password: password,
}),
});
let resp: Response;
try {
resp = await fetch(req);
} catch (e) {
throw new Error(`request failed: ${e}`);
}
setLoading(false);
if (resp.ok) {
console.log(resp);
navigate("/", {
replace: true,
state: { username: player.username, password: password },
});
}
if (!resp.ok) {
const { detail } = await resp.json();
if (detail) setError(detail);
else setError("unauthorized");
throw new Error("Unauthorized");
}
} }
} else setError("passwords are not the same"); } else setError("passwords are not the same");
} }
useEffect(() => { return (
if (user) {
setUsername(user.username);
setName(user.display_name);
setMode(Mode.change);
} else {
const params = new URLSearchParams(window.location.search);
const token = params.get("token");
if (token) {
setToken(token);
try {
const payload = jwtDecode<PassToken>(token);
console.log(payload);
switch (payload.sub) {
case "register":
setMode(Mode.register);
if (payload.team_id) setTeamID(payload.team_id);
break;
case "set password":
setMode(Mode.set);
if (payload.username) setUsername(payload.username);
break;
}
if (payload.name) setName(payload.name);
} catch (InvalidTokenError) {
setName("Mr. I-have-no-valid Token");
}
}
}
}, []);
let header: ReactNode;
switch (mode) {
case Mode.change:
header = <h2>change your password, {name}</h2>;
break;
case Mode.set:
header = (
<> <>
<Header /> {user ? (
<h2>set your password, {name}</h2> <h2> change your password </h2>
</> ) : (
);
break;
case Mode.register:
header = (
<>
<Header />
<h2> <h2>
register as a member of <i>{name}</i> set your password,
<br />
{name}
</h2> </h2>
</> )}
); {!user && username && (
} <span>
your username is: <i>{username}</i>
let textInputs: ReactNode; </span>
switch (mode) { )}
case Mode.change: <form onSubmit={handleSubmit}>
textInputs = ( <div
style={{
display: "flex",
alignItems: "center",
}}
>
<div
style={{
marginLeft: "48px",
marginRight: "8px",
display: "flex",
justifyContent: "center",
flexDirection: "column",
}}
>
{user && (
<div> <div>
<input <input
type={visible ? "text" : "password"} type={visible ? "text" : "password"}
@ -204,67 +143,15 @@ export const SetPassword = () => {
setCurrentPassword(evt.target.value); setCurrentPassword(evt.target.value);
}} }}
/> />
<hr style={{ margin: "8px" }} /> <hr
</div> style={{
); margin: "8px",
break; borderStyle: "inset",
case Mode.register: display: "block",
textInputs = (
<div className="new-player-inputs">
<div>
<label>name</label>
<input
type="text"
required
value={player.display_name}
onChange={(e) => {
setPlayer({
...player,
display_name: e.target.value,
username: e.target.value.toLowerCase().replace(/\W/g, ""),
});
}} }}
/> />
</div> </div>
<div> )}
<label>username</label>
<input
type="text"
required
value={player.username}
onChange={(e) => {
setPlayer({ ...player, username: e.target.value });
}}
/>
</div>
<div>
<label>number (optional)</label>
<input
type="text"
value={player.number || ""}
onChange={(e) => {
setPlayer({ ...player, number: e.target.value });
}}
/>
</div>
<div>
<label>email (optional)</label>
<input
type="email"
value={player.email || ""}
onChange={(e) => {
setPlayer({ ...player, email: e.target.value });
}}
/>
</div>
<hr style={{ margin: "8px" }} />
</div>
);
break;
}
let passwordInputs = (
<>
<div> <div>
<input <input
type={visible ? "text" : "password"} type={visible ? "text" : "password"}
@ -295,36 +182,16 @@ export const SetPassword = () => {
}} }}
/> />
</div> </div>
</> </div>
);
return mode ? (
<>
{header}
<hr style={{ width: "100%" }} />
<form onSubmit={handleSubmit}>
<div
style={{
display: "flex",
alignItems: "center",
justifyContent: "center",
flexDirection: "column",
}}
>
{textInputs}
{passwordInputs}
<div <div
style={{ style={{
background: "unset", background: "unset",
fontSize: "medium", fontSize: "xx-large",
cursor: "pointer", cursor: "pointer",
display: "flex",
alignItems: "center",
gap: "8px",
}} }}
onClick={() => setVisible(!visible)} onClick={() => setVisible(!visible)}
> >
{visible ? <Eye /> : <EyeSlash />} show passwords {visible ? <Eye /> : <EyeSlash />}
</div> </div>
</div> </div>
<div>{error && <span style={{ color: "red" }}>{error}</span>}</div> <div>{error && <span style={{ color: "red" }}>{error}</span>}</div>
@ -334,7 +201,5 @@ export const SetPassword = () => {
{loading && <span className="loader" />} {loading && <span className="loader" />}
</form> </form>
</> </>
) : (
<span className="loader" />
); );
}; };

11
src/TeamPanel.tsx
View File

@ -2,15 +2,9 @@ import { FormEvent, useEffect, useState } from "react";
import { apiAuth, loadPlayers, User } from "./api"; import { apiAuth, loadPlayers, User } from "./api";
import { useSession } from "./Session"; import { useSession } from "./Session";
import { ErrorState } from "./types"; import { ErrorState } from "./types";
import { useNavigate } from "react-router";
const TeamPanel = () => { export const TeamPanel = () => {
const { user, teams } = useSession(); const { teams } = useSession();
const navigate = useNavigate();
useEffect(() => {
user?.scopes.includes(`team:${teams?.activeTeam}`) ||
navigate("/", { replace: true });
}, [user]);
const newPlayerTemplate = { const newPlayerTemplate = {
id: 0, id: 0,
username: "", username: "",
@ -205,4 +199,3 @@ const TeamPanel = () => {
); );
} else <span className="loader" />; } else <span className="loader" />;
}; };
export default TeamPanel;