diff --git a/shop/app/auth/sign-up/page.tsx b/shop/app/auth/sign-up/page.tsx index d5dca78..ddc9897 100644 --- a/shop/app/auth/sign-up/page.tsx +++ b/shop/app/auth/sign-up/page.tsx @@ -1,11 +1,5 @@ -import { SignUpForm } from "@/components/sign-up-form"; +import { redirect } from "next/navigation"; -export default function Page() { - return ( -
{error}
} - - -{error}
} + + + diff --git a/shop/lib/actions/auth.ts b/shop/lib/actions/auth.ts index d555cd2..545d49d 100644 --- a/shop/lib/actions/auth.ts +++ b/shop/lib/actions/auth.ts @@ -5,30 +5,33 @@ import { headers } from 'next/headers' export async function signIn(email: string, password: string) { const supabase = await createClient() - const { error } = await supabase.auth.signInWithPassword({ + const { data, error } = await supabase.auth.signInWithPassword({ email, password, }) if (error) { throw new Error(error.message) } + + const userId = data.user?.id + if (userId) { + const { data: userData, error: userError } = await supabase + .from('users') + .select('role') + .eq('id', userId) + .single() + + if (userError || !userData || (userData.role !== 'partner' && userData.role !== 'admin')) { + await supabase.auth.signOut() + throw new Error("Zugriff verweigert. Nur registrierte Partner dürfen sich anmelden.") + } + } + return { success: true } } export async function signUp(email: string, password: string) { - const supabase = await createClient() - const origin = (await headers()).get('origin') || '' - const { error } = await supabase.auth.signUp({ - email, - password, - options: { - emailRedirectTo: `${origin}/protected`, - }, - }) - if (error) { - throw new Error(error.message) - } - return { success: true } + throw new Error("Registrierung ist deaktiviert.") } export async function signOut() {