From f1c6fb2d76cbc853dffaa7c007aca902053a410b Mon Sep 17 00:00:00 2001
From: Jared Snider <jsnider@bitwarden.com>
Date: Thu, 8 Jun 2023 20:14:33 -0400
Subject: [PATCH] PM-1049 - Login Initiated route can only be accessed if user
 is AuthN w/ locked vault + TDE feature flag is on.

---
 apps/web/src/app/oss-routing.module.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/web/src/app/oss-routing.module.ts b/apps/web/src/app/oss-routing.module.ts
index ef3360ea1c..fb6b113bae 100644
--- a/apps/web/src/app/oss-routing.module.ts
+++ b/apps/web/src/app/oss-routing.module.ts
@@ -4,6 +4,8 @@ import { Route, RouterModule, Routes } from "@angular/router";
 import { AuthGuard } from "@bitwarden/angular/auth/guards/auth.guard";
 import { LockGuard } from "@bitwarden/angular/auth/guards/lock.guard";
 import { UnauthGuard } from "@bitwarden/angular/auth/guards/unauth.guard";
+import { canAccessFeature } from "@bitwarden/angular/guard/feature-flag.guard";
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 
 import { SubscriptionRoutingModule } from "../app/billing/settings/subscription-routing.module";
 import { flagEnabled, Flags } from "../utils/flags";
@@ -69,7 +71,7 @@ const routes: Routes = [
       {
         path: "login-initiated",
         component: LoginDecryptionOptionsComponent,
-        canActivate: [], // TODO: put UnauthGuard back here
+        canActivate: [LockGuard, canAccessFeature(FeatureFlag.TrustedDeviceEncryption)],
       },
       {
         path: "register",