feat: lock down registration and enforce partner-only logins
All checks were successful
Staging Build / build (push) Successful in 2m19s
All checks were successful
Staging Build / build (push) Successful in 2m19s
This commit is contained in:
@@ -5,30 +5,33 @@ import { headers } from 'next/headers'
|
||||
|
||||
export async function signIn(email: string, password: string) {
|
||||
const supabase = await createClient()
|
||||
const { error } = await supabase.auth.signInWithPassword({
|
||||
const { data, error } = await supabase.auth.signInWithPassword({
|
||||
email,
|
||||
password,
|
||||
})
|
||||
if (error) {
|
||||
throw new Error(error.message)
|
||||
}
|
||||
|
||||
const userId = data.user?.id
|
||||
if (userId) {
|
||||
const { data: userData, error: userError } = await supabase
|
||||
.from('users')
|
||||
.select('role')
|
||||
.eq('id', userId)
|
||||
.single()
|
||||
|
||||
if (userError || !userData || (userData.role !== 'partner' && userData.role !== 'admin')) {
|
||||
await supabase.auth.signOut()
|
||||
throw new Error("Zugriff verweigert. Nur registrierte Partner dürfen sich anmelden.")
|
||||
}
|
||||
}
|
||||
|
||||
return { success: true }
|
||||
}
|
||||
|
||||
export async function signUp(email: string, password: string) {
|
||||
const supabase = await createClient()
|
||||
const origin = (await headers()).get('origin') || ''
|
||||
const { error } = await supabase.auth.signUp({
|
||||
email,
|
||||
password,
|
||||
options: {
|
||||
emailRedirectTo: `${origin}/protected`,
|
||||
},
|
||||
})
|
||||
if (error) {
|
||||
throw new Error(error.message)
|
||||
}
|
||||
return { success: true }
|
||||
throw new Error("Registrierung ist deaktiviert.")
|
||||
}
|
||||
|
||||
export async function signOut() {
|
||||
|
||||
Reference in New Issue
Block a user