JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
How does it work?
Only authenticated users can access dashboard pages. If a user is not authenticated, the user is redirected to the login page.
// router.tsrouter.beforeEach(async (to, from, next) => {// redirect to login page if not logged in and trying to access a restricted pageconstpublicPages= ['/'];constauth:AuthStore=useAuthStore();constisPublicPage=publicPages.includes(to.path);constauthRequired=!isPublicPage &&to.matched.some((record) =>record.meta.requiresAuth);// User not logged in and trying to access a restricted pageif (authRequired &&!auth.user) {auth.returnUrl =to.fullPath; // Save the intended pagenext('/login'); } elseif (auth.user &&to.path ==='/login') {// User logged in and trying to access the login pagenext({ query: {...to.query, redirect:auth.returnUrl !=='/'?to.fullPath :undefined } }); } else {// All other scenarios, either public page or authorized accessnext(); }});