feat: add user role management (admin/partner/gesperrt) with login block
All checks were successful
Staging Build / build (push) Successful in 2m44s

This commit is contained in:
DanielS
2026-06-24 14:26:25 +02:00
parent 26de6820e3
commit cd04309e3e
5 changed files with 103 additions and 33 deletions

View File

@@ -84,6 +84,28 @@ export async function updateSession(request: NextRequest) {
}
}
// Gesperrte Benutzer sofort ausloggen
if (
user?.sub &&
!request.nextUrl.pathname.startsWith("/auth")
) {
const { data: dbUser } = await supabase
.from("users")
.select("role")
.eq("id", user.sub)
.single();
if (dbUser?.role === "gesperrt") {
const url = request.nextUrl.clone();
url.pathname = "/auth/login";
url.searchParams.set("error", "gesperrt");
// Clear cookie so the session is fully gone
const response = NextResponse.redirect(url);
response.cookies.delete("webshop-auth-token");
return response;
}
}
// IMPORTANT: You *must* return the supabaseResponse object as it is.
// If you're creating a new response object with NextResponse.next() make sure to:
// 1. Pass the request in it, like so: