Feature : Added server side verification for all routes .

docs/docs/auto-docs/GraphQl/Queries/Queries/variables/VERIFY_ROLE.md

@@ -0,0 +1,9 @@
+[Admin Docs](/)
+
+***
+
+# Variable: VERIFY\_ROLE
+
+> `const` **VERIFY\_ROLE**: `DocumentNode`
+
+Defined in: [src/GraphQl/Queries/Queries.ts:867](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/GraphQl/Queries/Queries.ts#L867)

docs/docs/auto-docs/components/SecuredRoute/SecuredRoute/functions/default.md

@@ -6,7 +6,7 @@
 
 > **default**(): `Element`
 
-Defined in: [src/components/SecuredRoute/SecuredRoute.tsx:16](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/components/SecuredRoute/SecuredRoute.tsx#L16)
+Defined in: [src/components/SecuredRoute/SecuredRoute.tsx:18](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/components/SecuredRoute/SecuredRoute.tsx#L18)
 
 A route guard that checks if the user is logged in and has the necessary permissions.
 

docs/docs/auto-docs/components/UserPortal/SecuredRouteForUser/SecuredRouteForUser/functions/default.md

@@ -6,7 +6,7 @@
 
 > **default**(): `Element`
 
-Defined in: [src/components/UserPortal/SecuredRouteForUser/SecuredRouteForUser.tsx:14](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/components/UserPortal/SecuredRouteForUser/SecuredRouteForUser.tsx#L14)
+Defined in: [src/components/UserPortal/SecuredRouteForUser/SecuredRouteForUser.tsx:16](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/components/UserPortal/SecuredRouteForUser/SecuredRouteForUser.tsx#L16)
 
 A component that guards routes by checking if the user is logged in.
 If the user is logged in and does not have 'AdminFor' set, the child routes are rendered.

docs/docs/auto-docs/screens/MemberDetail/MemberDetail/functions/getLanguageName.md

@@ -6,7 +6,7 @@
 
 > **getLanguageName**(`code`): `string`
 
-Defined in: [src/screens/MemberDetail/MemberDetail.tsx:742](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/screens/MemberDetail/MemberDetail.tsx#L742)
+Defined in: [src/screens/MemberDetail/MemberDetail.tsx:744](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/screens/MemberDetail/MemberDetail.tsx#L744)
 
 ## Parameters
 

docs/docs/auto-docs/screens/MemberDetail/MemberDetail/functions/prettyDate.md

@@ -6,7 +6,7 @@
 
 > **prettyDate**(`param`): `string`
 
-Defined in: [src/screens/MemberDetail/MemberDetail.tsx:732](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/screens/MemberDetail/MemberDetail.tsx#L732)
+Defined in: [src/screens/MemberDetail/MemberDetail.tsx:734](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/screens/MemberDetail/MemberDetail.tsx#L734)
 
 ## Parameters
 

docs/docs/auto-docs/screens/PageNotFound/PageNotFound/functions/default.md

@@ -6,7 +6,7 @@
 
 > **default**(): `Element`
 
-Defined in: [src/screens/PageNotFound/PageNotFound.tsx:15](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/screens/PageNotFound/PageNotFound.tsx#L15)
+Defined in: [src/screens/PageNotFound/PageNotFound.tsx:16](https://github.com/PalisadoesFoundation/talawa-admin/blob/main/src/screens/PageNotFound/PageNotFound.tsx#L16)
 
 The `PageNotFound` component displays a 404 error page when a user navigates to a non-existent route.
 It shows a message indicating that the page was not found and provides a link to redirect users back

src/App.spec.tsx

@@ -52,6 +52,10 @@ const MOCKS = [
             mobile: '+8912313112',
           },
         },
+        verifyRole: {
+          isAuthorized: false, // Ensure this field exists
+          role: 'user', // Adjust this based on the expected role
+        },
       },
     },
   },

src/GraphQl/Queries/Queries.ts

@@ -864,6 +864,14 @@ export const GET_COMMUNITY_SESSION_TIMEOUT_DATA = gql`
     }
   }
 `;
+export const VERIFY_ROLE = gql`
+  query verifyRole {
+    verifyRole {
+      isAuthorized
+      role
+    }
+  }
+`;
 
 // get the list of Action Item Categories
 export { ACTION_ITEM_CATEGORY_LIST } from './ActionItemCategoryQueries';

src/components/SecuredRoute/SecuredRoute.tsx

@@ -1,5 +1,7 @@
-import React from 'react';
-import { Navigate, Outlet } from 'react-router-dom';
+import { useQuery } from '@apollo/client';
+import { VERIFY_ROLE } from 'GraphQl/Queries/Queries';
+import React, { useEffect } from 'react';
+import { Navigate, Outlet, useLocation } from 'react-router-dom';
 import { toast } from 'react-toastify';
 import PageNotFound from 'screens/PageNotFound/PageNotFound';
 import useLocalStorage from 'utils/useLocalstorage';
@@ -14,14 +16,51 @@
  * @returns The JSX element representing the secured route.
  */
 const SecuredRoute = (): JSX.Element => {
-  const isLoggedIn = getItem('IsLoggedIn');
-  const adminFor = getItem('AdminFor');
-
-  return isLoggedIn === 'TRUE' ? (
-    <>{adminFor != null ? <Outlet /> : <PageNotFound />}</>
-  ) : (
-    <Navigate to="/" replace />
-  );
+  const location = useLocation();
+  const { data, loading, error, refetch } = useQuery(VERIFY_ROLE, {
+    skip: !getItem('token'),
+    context: {
+      headers: {
+        Authorization: `Bearer ${getItem('token')}`,
+      },
+    },
+  });
+  const [token, setToken] = React.useState(getItem('token'));
+
+  useEffect(() => {
+    const newToken = getItem('token');
+    if (newToken !== token) {
+      setToken(newToken);
+    }
+  }, []);
+
+  useEffect(() => {
+    refetch(); // Refetch when token updates
+  }, [token]);
+
+  if (loading) {
+    return <div> Loading.....</div>;
+  } else if (error) {
+    return <div>Error During Routing ...</div>;
+  } else {
+    const isLoggedIn = data.verifyRole.isAuthorized;
+    const role = data.verifyRole.role;
+    const restrictedRoutesForAdmin = ['/member', '/users', '/communityProfile'];
+    if (isLoggedIn) {
+      if (role == 'superAdmin') {
+        return <Outlet />;
+      } else if (role == 'admin') {
+        if (restrictedRoutesForAdmin.includes(location.pathname)) {
+          return <PageNotFound />;
+        }
+        return <Outlet />;
+      } else {
+        return <PageNotFound />;
+      }
+    } else {
+      return <Navigate to="/" replace />;
+    }
+  }
 };
 
 // Time constants for session timeout and inactivity interval