Initial commit

2026-03-09 21:29:04 +00:00 · 2025-12-28 21:16:03 +01:00
commit 62e3c6439e
552 changed files with 104858 additions and 0 deletions
--- a/routes/+layout.server.ts
+++ b/routes/+layout.server.ts
@@ -0,0 +1,55 @@
+import type { LayoutServerLoad } from './$types';
+import { redirect } from '@sveltejs/kit';
+import { isAuthEnabled, validateSession } from '$lib/server/auth';
+import { hasAdminUser } from '$lib/server/db';
+
+// Routes that don't require authentication
+const PUBLIC_PATHS = ['/login'];
+
+export const load: LayoutServerLoad = async ({ cookies, url }) => {
+	const authEnabled = await isAuthEnabled();
+
+	// If auth is disabled, allow everything
+	if (!authEnabled) {
+		return {
+			authEnabled: false,
+			user: null
+		};
+	}
+
+	// Auth is enabled - validate session
+	const user = await validateSession(cookies);
+
+	// Check if this is a public path
+	const isPublicPath = PUBLIC_PATHS.some(path => url.pathname === path || url.pathname.startsWith(path + '/'));
+
+	// If not authenticated and not on a public path
+	if (!user && !isPublicPath) {
+		// Special case: allow access when no admin exists yet (initial setup)
+		const noAdminSetupMode = !(await hasAdminUser());
+		if (noAdminSetupMode) {
+			return {
+				authEnabled: true,
+				user: null,
+				setupMode: true
+			};
+		}
+
+		// Redirect to login
+		const redirectUrl = encodeURIComponent(url.pathname + url.search);
+		redirect(307, `/login?redirect=${redirectUrl}`);
+	}
+
+	return {
+		authEnabled: true,
+		user: user ? {
+			id: user.id,
+			username: user.username,
+			email: user.email,
+			displayName: user.displayName,
+			avatar: user.avatar,
+			isAdmin: user.isAdmin,
+			provider: user.provider
+		} : null
+	};
+};