From 3dc0d0713fb6cef1b5d701858669ad6a0aa14627 Mon Sep 17 00:00:00 2001
From: nxtkofi <psliwa.b@gmail.com>
Date: Tue, 21 Apr 2026 20:53:18 +0200
Subject: [PATCH] feat(auth): protect dashboard and add settings page

Add isAuthenticated check to dashboard with redirect to sign-in. Move settings page to locale segment.

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
---
 src/app/[locale]/dashboard/page.tsx | 43 +++++++++++++++++++++++++++++
 src/app/[locale]/settings/page.tsx  | 23 +++++++++++++++
 2 files changed, 66 insertions(+)
 create mode 100644 src/app/[locale]/dashboard/page.tsx
 create mode 100644 src/app/[locale]/settings/page.tsx

diff --git a/src/app/[locale]/dashboard/page.tsx b/src/app/[locale]/dashboard/page.tsx
new file mode 100644
index 0000000..f0f75b2
--- /dev/null
+++ b/src/app/[locale]/dashboard/page.tsx
@@ -0,0 +1,43 @@
+import Link from 'next/link';
+import { getTranslations } from 'next-intl/server';
+import { redirect } from 'next/navigation';
+
+import { Button } from '@/components/ui/button';
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from '@/components/ui/card';
+import { isAuthenticated } from '@/lib/auth-server';
+import { routes } from '@/lib/routes';
+
+export default async function DashboardPage() {
+  const authenticated = await isAuthenticated();
+
+  if (!authenticated) {
+    const searchParams = new URLSearchParams({
+      callbackURL: routes.private.dashboard,
+    });
+    redirect(`${routes.public.signIn}?${searchParams.toString()}`);
+  }
+
+  const t = await getTranslations('DashboardPage');
+
+  return (
+    <section className="mx-auto flex min-h-[calc(100vh-8rem)] w-full max-w-4xl px-4 py-8 sm:px-6 lg:px-8">
+      <Card className="w-full">
+        <CardHeader>
+          <CardTitle>{t('SecurityCardTitle')}</CardTitle>
+          <CardDescription>{t('SecurityCardDescription')}</CardDescription>
+        </CardHeader>
+        <CardContent>
+          <Button asChild>
+            <Link href={routes.private.settings}>{t('SecurityCardAction')}</Link>
+          </Button>
+        </CardContent>
+      </Card>
+    </section>
+  );
+}
diff --git a/src/app/[locale]/settings/page.tsx b/src/app/[locale]/settings/page.tsx
new file mode 100644
index 0000000..95bce32
--- /dev/null
+++ b/src/app/[locale]/settings/page.tsx
@@ -0,0 +1,23 @@
+import { redirect } from 'next/navigation';
+
+import { PasswordChangeCard } from '@/components/settings/PasswordChangeCard';
+import { isAuthenticated } from '@/lib/auth-server';
+import { routes } from '@/lib/routes';
+
+export default async function SettingsPage() {
+  const authenticated = await isAuthenticated();
+
+  if (!authenticated) {
+    const searchParams = new URLSearchParams({
+      callbackURL: routes.private.settings,
+    });
+
+    redirect(`${routes.public.signIn}?${searchParams.toString()}`);
+  }
+
+  return (
+    <section className="mx-auto flex min-h-[calc(100vh-8rem)] w-full max-w-2xl items-start px-4 py-8 sm:px-6 lg:px-8">
+      <PasswordChangeCard />
+    </section>
+  );
+}