feat: lock down registration and enforce partner-only logins
All checks were successful
Staging Build / build (push) Successful in 2m19s
All checks were successful
Staging Build / build (push) Successful in 2m19s
This commit is contained in:
@@ -1,11 +1,5 @@
|
|||||||
import { SignUpForm } from "@/components/sign-up-form";
|
import { redirect } from "next/navigation";
|
||||||
|
|
||||||
export default function Page() {
|
export default function SignUpPage() {
|
||||||
return (
|
redirect("/auth/login");
|
||||||
<div className="flex min-h-svh w-full items-center justify-center p-6 md:p-10">
|
|
||||||
<div className="w-full max-w-sm">
|
|
||||||
<SignUpForm />
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -21,9 +21,6 @@ export async function AuthButton() {
|
|||||||
<Button asChild size="sm" variant={"outline"}>
|
<Button asChild size="sm" variant={"outline"}>
|
||||||
<Link href="/auth/login">Sign in</Link>
|
<Link href="/auth/login">Sign in</Link>
|
||||||
</Button>
|
</Button>
|
||||||
<Button asChild size="sm" variant={"default"}>
|
|
||||||
<Link href="/auth/sign-up">Sign up</Link>
|
|
||||||
</Button>
|
|
||||||
</div>
|
</div>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -88,15 +88,6 @@ export function LoginForm({
|
|||||||
{isLoading ? "Logging in..." : "Login"}
|
{isLoading ? "Logging in..." : "Login"}
|
||||||
</Button>
|
</Button>
|
||||||
</div>
|
</div>
|
||||||
<div className="mt-4 text-center text-sm">
|
|
||||||
Don't have an account?{" "}
|
|
||||||
<Link
|
|
||||||
href="/auth/sign-up"
|
|
||||||
className="underline underline-offset-4"
|
|
||||||
>
|
|
||||||
Sign up
|
|
||||||
</Link>
|
|
||||||
</div>
|
|
||||||
</form>
|
</form>
|
||||||
</CardContent>
|
</CardContent>
|
||||||
</Card>
|
</Card>
|
||||||
|
|||||||
@@ -5,30 +5,33 @@ import { headers } from 'next/headers'
|
|||||||
|
|
||||||
export async function signIn(email: string, password: string) {
|
export async function signIn(email: string, password: string) {
|
||||||
const supabase = await createClient()
|
const supabase = await createClient()
|
||||||
const { error } = await supabase.auth.signInWithPassword({
|
const { data, error } = await supabase.auth.signInWithPassword({
|
||||||
email,
|
email,
|
||||||
password,
|
password,
|
||||||
})
|
})
|
||||||
if (error) {
|
if (error) {
|
||||||
throw new Error(error.message)
|
throw new Error(error.message)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const userId = data.user?.id
|
||||||
|
if (userId) {
|
||||||
|
const { data: userData, error: userError } = await supabase
|
||||||
|
.from('users')
|
||||||
|
.select('role')
|
||||||
|
.eq('id', userId)
|
||||||
|
.single()
|
||||||
|
|
||||||
|
if (userError || !userData || (userData.role !== 'partner' && userData.role !== 'admin')) {
|
||||||
|
await supabase.auth.signOut()
|
||||||
|
throw new Error("Zugriff verweigert. Nur registrierte Partner dürfen sich anmelden.")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return { success: true }
|
return { success: true }
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function signUp(email: string, password: string) {
|
export async function signUp(email: string, password: string) {
|
||||||
const supabase = await createClient()
|
throw new Error("Registrierung ist deaktiviert.")
|
||||||
const origin = (await headers()).get('origin') || ''
|
|
||||||
const { error } = await supabase.auth.signUp({
|
|
||||||
email,
|
|
||||||
password,
|
|
||||||
options: {
|
|
||||||
emailRedirectTo: `${origin}/protected`,
|
|
||||||
},
|
|
||||||
})
|
|
||||||
if (error) {
|
|
||||||
throw new Error(error.message)
|
|
||||||
}
|
|
||||||
return { success: true }
|
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function signOut() {
|
export async function signOut() {
|
||||||
|
|||||||
Reference in New Issue
Block a user