feat: implement admin validation middleware, DB integrity scan, automatic schema repair, and reindexing dashboard

This commit is contained in:
DanielS
2026-06-24 13:06:23 +02:00
parent 6e5cee0180
commit 3c60889e2a
5 changed files with 565 additions and 0 deletions

View File

@@ -63,6 +63,27 @@ export async function updateSession(request: NextRequest) {
return NextResponse.redirect(url);
}
// Admin protection
if (request.nextUrl.pathname.startsWith("/admin")) {
if (!user || !user.sub) {
const url = request.nextUrl.clone();
url.pathname = "/auth/login";
return NextResponse.redirect(url);
}
const { data: dbUser } = await supabase
.from("users")
.select("role")
.eq("id", user.sub)
.single();
if (!dbUser || dbUser.role !== "admin") {
const url = request.nextUrl.clone();
url.pathname = "/";
return NextResponse.redirect(url);
}
}
// IMPORTANT: You *must* return the supabaseResponse object as it is.
// If you're creating a new response object with NextResponse.next() make sure to:
// 1. Pass the request in it, like so: