feat: add user role management (admin/partner/gesperrt) with login block
All checks were successful
Staging Build / build (push) Successful in 2m44s
All checks were successful
Staging Build / build (push) Successful in 2m44s
This commit is contained in:
@@ -49,6 +49,9 @@ export async function signIn(email: string, password: string) {
|
||||
|
||||
if (userError || !userData || (userData.role !== 'partner' && userData.role !== 'admin')) {
|
||||
await supabase.auth.signOut()
|
||||
if (userData?.role === 'gesperrt') {
|
||||
return { success: false, error: "Ihr Konto wurde gesperrt. Bitte wenden Sie sich an den Administrator." }
|
||||
}
|
||||
return { success: false, error: "Zugriff verweigert. Nur registrierte Partner dürfen sich anmelden." }
|
||||
}
|
||||
|
||||
|
||||
@@ -54,6 +54,15 @@ export async function deleteUser(id: string) {
|
||||
revalidatePath('/admin/users')
|
||||
}
|
||||
|
||||
export async function updateUserRole(id: string, role: 'admin' | 'partner' | 'gesperrt') {
|
||||
const admin = createAdminClient()
|
||||
const { error } = await admin
|
||||
.from('users')
|
||||
.upsert({ id, role }, { onConflict: 'id' })
|
||||
if (error) throw error
|
||||
revalidatePath('/admin/users')
|
||||
}
|
||||
|
||||
export async function updateUserStatus(id: string, ban: boolean) {
|
||||
const admin = createAdminClient()
|
||||
const { error } = await admin.auth.admin.updateUserById(id, {
|
||||
|
||||
@@ -84,6 +84,28 @@ export async function updateSession(request: NextRequest) {
|
||||
}
|
||||
}
|
||||
|
||||
// Gesperrte Benutzer sofort ausloggen
|
||||
if (
|
||||
user?.sub &&
|
||||
!request.nextUrl.pathname.startsWith("/auth")
|
||||
) {
|
||||
const { data: dbUser } = await supabase
|
||||
.from("users")
|
||||
.select("role")
|
||||
.eq("id", user.sub)
|
||||
.single();
|
||||
|
||||
if (dbUser?.role === "gesperrt") {
|
||||
const url = request.nextUrl.clone();
|
||||
url.pathname = "/auth/login";
|
||||
url.searchParams.set("error", "gesperrt");
|
||||
// Clear cookie so the session is fully gone
|
||||
const response = NextResponse.redirect(url);
|
||||
response.cookies.delete("webshop-auth-token");
|
||||
return response;
|
||||
}
|
||||
}
|
||||
|
||||
// IMPORTANT: You *must* return the supabaseResponse object as it is.
|
||||
// If you're creating a new response object with NextResponse.next() make sure to:
|
||||
// 1. Pass the request in it, like so:
|
||||
|
||||
Reference in New Issue
Block a user