feat: create users and settings tables, replace getSession with getUser
All checks were successful
Staging Build / build (push) Successful in 2m29s

This commit is contained in:
DanielS
2026-06-23 04:05:39 +02:00
parent 9542fdfe4a
commit 5ba9869400
3 changed files with 70 additions and 9 deletions

View File

@@ -32,11 +32,11 @@ export async function POST(request: Request) {
);
// Verify admin rights expecting a user with role "admin" in the "users" table
const { data: { session } } = await supabase.auth.getSession();
if (!session) {
const { data: { user: authUser }, error: authError } = await supabase.auth.getUser();
if (authError || !authUser) {
return NextResponse.json({ error: 'Not authenticated' }, { status: 401 });
}
const { data: user } = await supabase.from('users').select('role').eq('id', session.user.id).single();
const { data: user } = await supabase.from('users').select('role').eq('id', authUser.id).single();
if (!user || user.role !== 'admin') {
return NextResponse.json({ error: 'Insufficient permissions' }, { status: 403 });
}