feat: implement admin validation middleware, DB integrity scan, automatic schema repair, and reindexing dashboard
This commit is contained in:
@@ -63,6 +63,27 @@ export async function updateSession(request: NextRequest) {
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
|
||||
// Admin protection
|
||||
if (request.nextUrl.pathname.startsWith("/admin")) {
|
||||
if (!user || !user.sub) {
|
||||
const url = request.nextUrl.clone();
|
||||
url.pathname = "/auth/login";
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
|
||||
const { data: dbUser } = await supabase
|
||||
.from("users")
|
||||
.select("role")
|
||||
.eq("id", user.sub)
|
||||
.single();
|
||||
|
||||
if (!dbUser || dbUser.role !== "admin") {
|
||||
const url = request.nextUrl.clone();
|
||||
url.pathname = "/";
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
}
|
||||
|
||||
// IMPORTANT: You *must* return the supabaseResponse object as it is.
|
||||
// If you're creating a new response object with NextResponse.next() make sure to:
|
||||
// 1. Pass the request in it, like so:
|
||||
|
||||
Reference in New Issue
Block a user