feat: add user role management (admin/partner/gesperrt) with login block
All checks were successful
Staging Build / build (push) Successful in 2m44s
All checks were successful
Staging Build / build (push) Successful in 2m44s
This commit is contained in:
@@ -11,24 +11,48 @@ import {
|
|||||||
TableRow,
|
TableRow,
|
||||||
} from '@/components/ui/table'
|
} from '@/components/ui/table'
|
||||||
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'
|
import { Card, CardContent, CardDescription, CardHeader, CardTitle } from '@/components/ui/card'
|
||||||
import { UserX, ShieldAlert, Key, Trash2, Mail } from 'lucide-react'
|
import { Key, Trash2, Mail, Loader2 } from 'lucide-react'
|
||||||
import { Button } from '@/components/ui/button'
|
import { Button } from '@/components/ui/button'
|
||||||
import { deleteUser, updateUserStatus, resetPassword } from '@/lib/actions/users'
|
import { deleteUser, resetPassword, updateUserRole } from '@/lib/actions/users'
|
||||||
import { Badge } from '@/components/ui/badge'
|
import { Badge } from '@/components/ui/badge'
|
||||||
|
|
||||||
|
type Role = 'admin' | 'partner' | 'gesperrt'
|
||||||
|
|
||||||
|
const ROLE_LABELS: Record<Role, string> = {
|
||||||
|
admin: 'Admin',
|
||||||
|
partner: 'Partner',
|
||||||
|
gesperrt: 'Gesperrt',
|
||||||
|
}
|
||||||
|
|
||||||
|
const ROLE_BADGE_CLASSES: Record<Role, string> = {
|
||||||
|
admin: 'bg-purple-500/20 text-purple-400 border border-purple-500/30',
|
||||||
|
partner: 'bg-blue-500/20 text-blue-400 border border-blue-500/30',
|
||||||
|
gesperrt: 'bg-red-500/20 text-red-400 border border-red-500/30',
|
||||||
|
}
|
||||||
|
|
||||||
export function UserList({ initialUsers }: { initialUsers: any[] }) {
|
export function UserList({ initialUsers }: { initialUsers: any[] }) {
|
||||||
const router = useRouter()
|
const router = useRouter()
|
||||||
|
const [loadingId, setLoadingId] = useState<string | null>(null)
|
||||||
|
|
||||||
const handleDelete = async (id: string) => {
|
const handleDelete = async (id: string) => {
|
||||||
if (confirm('Möchten Sie diesen Benutzer wirklich löschen?')) {
|
if (confirm('Möchten Sie diesen Benutzer wirklich löschen?')) {
|
||||||
|
setLoadingId(id)
|
||||||
await deleteUser(id)
|
await deleteUser(id)
|
||||||
|
setLoadingId(null)
|
||||||
router.refresh()
|
router.refresh()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const handleToggleBan = async (id: string, isBanned: boolean) => {
|
const handleRoleChange = async (id: string, newRole: Role) => {
|
||||||
await updateUserStatus(id, !isBanned)
|
setLoadingId(id + '-role')
|
||||||
router.refresh()
|
try {
|
||||||
|
await updateUserRole(id, newRole)
|
||||||
|
router.refresh()
|
||||||
|
} catch (e) {
|
||||||
|
console.error('Fehler beim Ändern der Rolle:', e)
|
||||||
|
} finally {
|
||||||
|
setLoadingId(null)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
const handleResetPassword = async (email: string) => {
|
const handleResetPassword = async (email: string) => {
|
||||||
@@ -45,7 +69,7 @@ export function UserList({ initialUsers }: { initialUsers: any[] }) {
|
|||||||
<CardHeader>
|
<CardHeader>
|
||||||
<CardTitle>Benutzerverwaltung</CardTitle>
|
<CardTitle>Benutzerverwaltung</CardTitle>
|
||||||
<CardDescription className="text-slate-400">
|
<CardDescription className="text-slate-400">
|
||||||
Hier können Sie Benutzer neu anlegen, sperren oder Passwörter zurücksetzen.
|
Verwalten Sie Rollen, Passwörter und Benutzerkonten.
|
||||||
</CardDescription>
|
</CardDescription>
|
||||||
</CardHeader>
|
</CardHeader>
|
||||||
<CardContent>
|
<CardContent>
|
||||||
@@ -54,14 +78,16 @@ export function UserList({ initialUsers }: { initialUsers: any[] }) {
|
|||||||
<TableRow className="border-white/10 hover:bg-white/5">
|
<TableRow className="border-white/10 hover:bg-white/5">
|
||||||
<TableHead className="text-slate-200">E-Mail</TableHead>
|
<TableHead className="text-slate-200">E-Mail</TableHead>
|
||||||
<TableHead className="text-slate-200">Rolle</TableHead>
|
<TableHead className="text-slate-200">Rolle</TableHead>
|
||||||
<TableHead className="text-slate-200">Status</TableHead>
|
|
||||||
<TableHead className="text-slate-200">Zuletzt angemeldet</TableHead>
|
<TableHead className="text-slate-200">Zuletzt angemeldet</TableHead>
|
||||||
<TableHead className="text-right text-slate-200">Aktionen</TableHead>
|
<TableHead className="text-right text-slate-200">Aktionen</TableHead>
|
||||||
</TableRow>
|
</TableRow>
|
||||||
</TableHeader>
|
</TableHeader>
|
||||||
<TableBody>
|
<TableBody>
|
||||||
{initialUsers.map((user) => {
|
{initialUsers.map((user) => {
|
||||||
const isBanned = !!user.banned_until
|
const role: Role = (['admin', 'partner', 'gesperrt'].includes(user.role) ? user.role : 'partner') as Role
|
||||||
|
const isLoadingRole = loadingId === user.id + '-role'
|
||||||
|
const isLoadingDelete = loadingId === user.id
|
||||||
|
|
||||||
return (
|
return (
|
||||||
<TableRow key={user.id} className="border-white/5 hover:bg-white/5 transition-colors">
|
<TableRow key={user.id} className="border-white/5 hover:bg-white/5 transition-colors">
|
||||||
<TableCell className="font-medium text-white">
|
<TableCell className="font-medium text-white">
|
||||||
@@ -71,46 +97,48 @@ export function UserList({ initialUsers }: { initialUsers: any[] }) {
|
|||||||
</div>
|
</div>
|
||||||
</TableCell>
|
</TableCell>
|
||||||
<TableCell>
|
<TableCell>
|
||||||
<Badge className={user.role === 'admin' ? "bg-purple-500/20 text-purple-400 border border-purple-500/30" : "bg-blue-500/20 text-blue-400 border border-blue-500/30"}>
|
<div className="flex items-center gap-2">
|
||||||
{user.role === 'admin' ? 'Admin' : 'Partner'}
|
<Badge className={ROLE_BADGE_CLASSES[role]}>
|
||||||
</Badge>
|
{ROLE_LABELS[role]}
|
||||||
</TableCell>
|
</Badge>
|
||||||
<TableCell>
|
{isLoadingRole ? (
|
||||||
<Badge variant={isBanned ? "destructive" : "default"} className={isBanned ? "" : "bg-green-500/20 text-green-500 border-green-500/30"}>
|
<Loader2 className="h-4 w-4 animate-spin text-slate-400" />
|
||||||
{isBanned ? "Gesperrt" : "Aktiv"}
|
) : (
|
||||||
</Badge>
|
<select
|
||||||
|
value={role}
|
||||||
|
onChange={(e) => handleRoleChange(user.id, e.target.value as Role)}
|
||||||
|
className="ml-1 text-xs bg-white/5 border border-white/10 rounded px-2 py-1 text-slate-300 hover:bg-white/10 cursor-pointer focus:outline-none focus:ring-1 focus:ring-primary/50"
|
||||||
|
>
|
||||||
|
<option value="admin">Admin</option>
|
||||||
|
<option value="partner">Partner</option>
|
||||||
|
<option value="gesperrt">Gesperrt</option>
|
||||||
|
</select>
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
</TableCell>
|
</TableCell>
|
||||||
<TableCell className="text-slate-400 text-sm">
|
<TableCell className="text-slate-400 text-sm">
|
||||||
{user.last_sign_in_at ? new Date(user.last_sign_in_at).toLocaleString('de-DE') : 'Noch nie'}
|
{user.last_sign_in_at ? new Date(user.last_sign_in_at).toLocaleString('de-DE') : 'Noch nie'}
|
||||||
</TableCell>
|
</TableCell>
|
||||||
<TableCell className="text-right">
|
<TableCell className="text-right">
|
||||||
<div className="flex justify-end gap-2">
|
<div className="flex justify-end gap-2">
|
||||||
<Button
|
<Button
|
||||||
variant="ghost"
|
variant="ghost"
|
||||||
size="icon"
|
size="icon"
|
||||||
className="h-8 w-8 text-yellow-500 hover:text-yellow-400 hover:bg-yellow-500/10"
|
className="h-8 w-8 text-yellow-500 hover:text-yellow-400 hover:bg-yellow-500/10"
|
||||||
title="Passwort zurücksetzen"
|
title="Passwort zurücksetzen"
|
||||||
onClick={() => handleResetPassword(user.email)}
|
onClick={() => handleResetPassword(user.email)}
|
||||||
>
|
>
|
||||||
<Key className="h-4 w-4" />
|
<Key className="h-4 w-4" />
|
||||||
</Button>
|
</Button>
|
||||||
<Button
|
<Button
|
||||||
variant="ghost"
|
variant="ghost"
|
||||||
size="icon"
|
size="icon"
|
||||||
className={`h-8 w-8 ${isBanned ? 'text-green-500 hover:text-green-400 hover:bg-green-500/10' : 'text-orange-500 hover:text-orange-400 hover:bg-orange-500/10'}`}
|
|
||||||
title={isBanned ? "Entsperren" : "Sperren"}
|
|
||||||
onClick={() => handleToggleBan(user.id, isBanned)}
|
|
||||||
>
|
|
||||||
{isBanned ? <ShieldAlert className="h-4 w-4" /> : <UserX className="h-4 w-4" />}
|
|
||||||
</Button>
|
|
||||||
<Button
|
|
||||||
variant="ghost"
|
|
||||||
size="icon"
|
|
||||||
className="h-8 w-8 text-destructive hover:text-destructive hover:bg-destructive/10"
|
className="h-8 w-8 text-destructive hover:text-destructive hover:bg-destructive/10"
|
||||||
title="Löschen"
|
title="Löschen"
|
||||||
onClick={() => handleDelete(user.id)}
|
onClick={() => handleDelete(user.id)}
|
||||||
|
disabled={isLoadingDelete}
|
||||||
>
|
>
|
||||||
<Trash2 className="h-4 w-4" />
|
{isLoadingDelete ? <Loader2 className="h-4 w-4 animate-spin" /> : <Trash2 className="h-4 w-4" />}
|
||||||
</Button>
|
</Button>
|
||||||
</div>
|
</div>
|
||||||
</TableCell>
|
</TableCell>
|
||||||
|
|||||||
@@ -25,10 +25,13 @@ export function LoginForm({
|
|||||||
const [error, setError] = useState<string | null>(null);
|
const [error, setError] = useState<string | null>(null);
|
||||||
const [isLoading, setIsLoading] = useState(false);
|
const [isLoading, setIsLoading] = useState(false);
|
||||||
const [messageParam, setMessageParam] = useState<string | null>(null);
|
const [messageParam, setMessageParam] = useState<string | null>(null);
|
||||||
|
const [errorParam, setErrorParam] = useState<string | null>(null);
|
||||||
const router = useRouter();
|
const router = useRouter();
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
setMessageParam(new URLSearchParams(window.location.search).get('message'));
|
const params = new URLSearchParams(window.location.search);
|
||||||
|
setMessageParam(params.get('message'));
|
||||||
|
setErrorParam(params.get('error'));
|
||||||
}, []);
|
}, []);
|
||||||
|
|
||||||
const handleLogin = async (e: React.FormEvent) => {
|
const handleLogin = async (e: React.FormEvent) => {
|
||||||
@@ -99,6 +102,11 @@ export function LoginForm({
|
|||||||
onChange={(e) => setPassword(e.target.value)}
|
onChange={(e) => setPassword(e.target.value)}
|
||||||
/>
|
/>
|
||||||
</div>
|
</div>
|
||||||
|
{errorParam === "gesperrt" && (
|
||||||
|
<p className="text-sm text-red-500 bg-red-500/10 border border-red-500/20 p-3 rounded-lg text-center font-medium">
|
||||||
|
🚫 Ihr Konto wurde gesperrt. Bitte wenden Sie sich an den Administrator.
|
||||||
|
</p>
|
||||||
|
)}
|
||||||
{messageParam === "concurrent" && (
|
{messageParam === "concurrent" && (
|
||||||
<p className="text-sm text-amber-500 bg-amber-500/10 border border-amber-500/20 p-3 rounded-lg text-center font-medium">
|
<p className="text-sm text-amber-500 bg-amber-500/10 border border-amber-500/20 p-3 rounded-lg text-center font-medium">
|
||||||
Sie wurden abgemeldet, da Sie sich an einem anderen Gerät angemeldet haben.
|
Sie wurden abgemeldet, da Sie sich an einem anderen Gerät angemeldet haben.
|
||||||
|
|||||||
@@ -49,6 +49,9 @@ export async function signIn(email: string, password: string) {
|
|||||||
|
|
||||||
if (userError || !userData || (userData.role !== 'partner' && userData.role !== 'admin')) {
|
if (userError || !userData || (userData.role !== 'partner' && userData.role !== 'admin')) {
|
||||||
await supabase.auth.signOut()
|
await supabase.auth.signOut()
|
||||||
|
if (userData?.role === 'gesperrt') {
|
||||||
|
return { success: false, error: "Ihr Konto wurde gesperrt. Bitte wenden Sie sich an den Administrator." }
|
||||||
|
}
|
||||||
return { success: false, error: "Zugriff verweigert. Nur registrierte Partner dürfen sich anmelden." }
|
return { success: false, error: "Zugriff verweigert. Nur registrierte Partner dürfen sich anmelden." }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -54,6 +54,15 @@ export async function deleteUser(id: string) {
|
|||||||
revalidatePath('/admin/users')
|
revalidatePath('/admin/users')
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function updateUserRole(id: string, role: 'admin' | 'partner' | 'gesperrt') {
|
||||||
|
const admin = createAdminClient()
|
||||||
|
const { error } = await admin
|
||||||
|
.from('users')
|
||||||
|
.upsert({ id, role }, { onConflict: 'id' })
|
||||||
|
if (error) throw error
|
||||||
|
revalidatePath('/admin/users')
|
||||||
|
}
|
||||||
|
|
||||||
export async function updateUserStatus(id: string, ban: boolean) {
|
export async function updateUserStatus(id: string, ban: boolean) {
|
||||||
const admin = createAdminClient()
|
const admin = createAdminClient()
|
||||||
const { error } = await admin.auth.admin.updateUserById(id, {
|
const { error } = await admin.auth.admin.updateUserById(id, {
|
||||||
|
|||||||
@@ -84,6 +84,28 @@ export async function updateSession(request: NextRequest) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Gesperrte Benutzer sofort ausloggen
|
||||||
|
if (
|
||||||
|
user?.sub &&
|
||||||
|
!request.nextUrl.pathname.startsWith("/auth")
|
||||||
|
) {
|
||||||
|
const { data: dbUser } = await supabase
|
||||||
|
.from("users")
|
||||||
|
.select("role")
|
||||||
|
.eq("id", user.sub)
|
||||||
|
.single();
|
||||||
|
|
||||||
|
if (dbUser?.role === "gesperrt") {
|
||||||
|
const url = request.nextUrl.clone();
|
||||||
|
url.pathname = "/auth/login";
|
||||||
|
url.searchParams.set("error", "gesperrt");
|
||||||
|
// Clear cookie so the session is fully gone
|
||||||
|
const response = NextResponse.redirect(url);
|
||||||
|
response.cookies.delete("webshop-auth-token");
|
||||||
|
return response;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// IMPORTANT: You *must* return the supabaseResponse object as it is.
|
// IMPORTANT: You *must* return the supabaseResponse object as it is.
|
||||||
// If you're creating a new response object with NextResponse.next() make sure to:
|
// If you're creating a new response object with NextResponse.next() make sure to:
|
||||||
// 1. Pass the request in it, like so:
|
// 1. Pass the request in it, like so:
|
||||||
|
|||||||
Reference in New Issue
Block a user