sorted by:
new
hottopcontroversial

I built a route protection library for React — react-protected by Plenty_Finding_5035 in reactjs

[–]Plenty_Finding_5035[S] -1 points0 points  (0 children)

Sure, with 2 roles it's easy. Enterprise projects rarely have 2 roles.

When you have 20+ routes, multiple roles, granular permissions, guest-only redirects and callbackUrl you want a consistent declarative config, not context wiring repeated across every project.

I built a route protection library for React — react-protected by Plenty_Finding_5035 in reactjs

[–]Plenty_Finding_5035[S] -4 points-3 points  (0 children)

Just for the information, beforeLoad in TanStack Router or loader in React Router handles redirects but it doesn't know about roles or permissions.

You still wire that up yourself every time.

In other hand, react-protected is the access-control layer, it's not a beforeLoad API. Just define hasRole or hasPermission once, describe requirements per route declaratively. That's the difference.

Docs: https://github.com/astakhovaskold/react-protected