upload

frontend/src/components/ProtectedRoute.tsx

@@ -0,0 +1,57 @@
+import { Navigate, useLocation } from 'react-router-dom';
+import { useAuth } from '../contexts/AuthContext';
+import { useEffect, useState } from 'react';
+import { getSetupStatus } from '../services/setup';
+
+interface ProtectedRouteProps {
+  children: JSX.Element;
+  requiredRole?: string;
+}
+
+const ProtectedRoute: React.FC<ProtectedRouteProps> = ({ children, requiredRole }) => {
+  const { isAuthenticated, isLoading, user } = useAuth();
+  const location = useLocation();
+  const [checkingSetup, setCheckingSetup] = useState(true);
+  const [requiresSetup, setRequiresSetup] = useState<boolean>(false);
+
+  // Check if setup is required
+  useEffect(() => {
+    let mounted = true;
+    (async () => {
+      try {
+        const s = await getSetupStatus();
+        if (mounted) setRequiresSetup(!!s.requires_setup);
+      } catch (_) {
+        if (mounted) setRequiresSetup(false);
+      } finally {
+        if (mounted) setCheckingSetup(false);
+      }
+    })();
+    return () => { mounted = false; };
+  }, []);
+
+  if (isLoading || checkingSetup) {
+    // Show loading spinner or skeleton
+    return <div>Načítání…</div>;
+  }
+
+  // If setup is required, redirect to setup page
+  if (requiresSetup) {
+    return <Navigate to="/setup" replace />;
+  }
+
+  if (!isAuthenticated) {
+    // Redirect to login page, but save the current location
+    return <Navigate to="/login" state={{ from: location }} replace />;
+  }
+
+  // Role-based access control
+  if (requiredRole && user && user.role && user.role !== requiredRole && user.role !== 'admin') {
+    // Redirect to 403 Forbidden page
+    return <Navigate to="/403" state={{ from: location.pathname }} replace />;
+  }
+
+  return children;
+};
+
+export default ProtectedRoute;