ZeasyAlex/GSM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Restrict server detail access for guests
All checks were successful
Deploy GSM / deploy (push) Successful in 26s
Details

Browse Source 
- Add isGuest flag to UserContext
- Block guests from navigating to /server/:id route
- Make ServerCards non-clickable for guests
- Add rejectGuest middleware to backend
- Protect server detail endpoints (/:id, /metrics/history, /whitelist)

Guests can now only view the dashboard overview without accessing
individual server details.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Alexander Zielonka
2026-01-09 20:57:34 +01:00
parent e88e246be6
commit 3dc7e9e7e7
6 changed files with 37 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
gsm-frontend/src/pages/Dashboard.jsx
View File

@@ -255,8 +255,9 @@ export default function Dashboard({ onLogout }) {
>
<ServerCard
server={server}
onClick={() => navigate('/server/' + server.id)}
onClick={isGuest ? undefined : () => navigate('/server/' + server.id)}
isAuthenticated={isAuthenticated}
isGuest={isGuest}
displaySettings={displaySettings[server.id]}
/>
</div>