-
Hi, I noticed that in a nested route, I must protect all routes with:
In the route Am I supposed to repeat the snippet in every sub route? Or is it because |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 4 replies
-
Every loader/action function should verify if the user is authenticated, there's no way to protect sub routes in Remix because Remix may or may not call the parent loader. Let's say you have When the user goes to Now suppose the user clicks a Link to This happens because Remix avoid fetching a loader you already have the data for, and because of this you can't rely of a parent loader to protect a child loader, so all your routes should call I recommend you to think about your loaders and actions as API endpoints, in an API endpoint you can't rely on a parent endpoint to protect the child endpoint because you don't know if the parent is gonna be called, so you protect each endpoints, loaders and actions are automatically generated API endpoints for your routes. |
Beta Was this translation helpful? Give feedback.
Every loader/action function should verify if the user is authenticated, there's no way to protect sub routes in Remix because Remix may or may not call the parent loader.
Let's say you have
routes/protected.tsx
androutes/protected/child1.tsx
androutes/protected/child2.tsx
and you only callauthenticator.isAuthenticated
in theroutes/protected.tsx
file.When the user goes to
/protected/child1
because it was a document request Remix will call all loaders and if the user is not authenticated it will be redirected.Now suppose the user clicks a Link to
/protected/child2
, because Remix already have the data ofroutes/protected.tsx
it will not fetch that loader again, and it will only fetch …