From 3b36961164130ea8435f6e5887a7beaa2e01f795 Mon Sep 17 00:00:00 2001 From: phoenixpereira Date: Fri, 7 Feb 2025 09:16:35 +1030 Subject: [PATCH] feat(auth): Separate committee and admin roles and add wiki link for committee --- next-auth.d.ts | 1 + src/app/admin/page.tsx | 2 +- src/app/api/payment/route.ts | 2 +- src/auth.ts | 9 ++++++++- src/components/Header/components/Links.tsx | 10 ++++++++++ src/components/Header/index.tsx | 3 ++- 6 files changed, 23 insertions(+), 4 deletions(-) diff --git a/next-auth.d.ts b/next-auth.d.ts index 7d3d1ffc..a3240698 100644 --- a/next-auth.d.ts +++ b/next-auth.d.ts @@ -9,6 +9,7 @@ declare module 'next-auth' { firstName?: string; lastName?: string; isCommittee?: boolean; + isAdmin?: boolean; }; } } diff --git a/src/app/admin/page.tsx b/src/app/admin/page.tsx index 25bea9c0..42f39fc9 100644 --- a/src/app/admin/page.tsx +++ b/src/app/admin/page.tsx @@ -59,7 +59,7 @@ export type Member = { export default async function AdminPage({ searchParams }: { searchParams?: { page?: string } }) { const session = await auth(); - if (!session?.user?.isCommittee) { + if (!session?.user?.isAdmin) { return notFound(); } diff --git a/src/app/api/payment/route.ts b/src/app/api/payment/route.ts index 130768b4..31c1e41e 100644 --- a/src/app/api/payment/route.ts +++ b/src/app/api/payment/route.ts @@ -99,7 +99,7 @@ export async function PUT(request: Request) { }); const session = await auth(); - if (!session?.user?.isCommittee) { + if (!session?.user?.isAdmin) { return new Response(null, { status: 401 }); } diff --git a/src/auth.ts b/src/auth.ts index 67fd2718..f555e7e1 100644 --- a/src/auth.ts +++ b/src/auth.ts @@ -22,6 +22,7 @@ interface ExtendedSession extends Session { firstName?: string; lastName?: string; isCommittee?: boolean; + isAdmin?: boolean; }; } 
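Review bot: In the `PUT` handler of src/app/api/payment/route.ts the switched check still answers `401` for every failure, so a signed-in member who lacks the role is told to authenticate instead of being told the action is forbidden. Splitting it keeps the two cases apart in logs and monitoring: return 401 when there is no session, then `if (!session.user.isAdmin) return new Response(null, { status: 403 });`. The hunk's context also shows a statement ending in `});` before `auth()` is called, so some work appears to run ahead of the authorization check; if that is request handling rather than a static definition, the check belongs at the top of the handler. The handler starts and ends outside this hunk, so both points rest on the visible lines only.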
@@ -32,9 +33,12 @@ export const { handlers, signIn, signOut, auth } = NextAuth({ async jwt({ token, user, account, profile }) { if (account?.access_token) { const decodedToken = decodeJwt(account.access_token); - if (decodedToken?.realm_access?.roles?.includes('restricted-access')) { + if (decodedToken?.realm_access?.roles?.includes('committee')) { token.isCommittee = true; } + if (decodedToken?.realm_access?.roles?.includes('restricted-access')) { + token.isAdmin = true; + } } if (user) { token.email = user.email; @@ -61,6 +65,9 @@ export const { handlers, signIn, signOut, auth } = NextAuth({ (session.user as ExtendedSession['user']).isCommittee = token.isCommittee as | boolean | undefined; + (session.user as ExtendedSession['user']).isAdmin = token.isAdmin as + | boolean + | undefined; } return session; }, diff --git a/src/components/Header/components/Links.tsx b/src/components/Header/components/Links.tsx index 6c6d31c6..12805274 100644 --- a/src/components/Header/components/Links.tsx +++ b/src/components/Header/components/Links.tsx @@ -22,6 +22,16 @@ export function MenuLinks({ data, onClick }: { data: HeaderData; onClick?: () => Settings )} + {data.isCommittee && ( + + Wiki + + )} {data.isAdmin && ( Admin Panel diff --git a/src/components/Header/index.tsx b/src/components/Header/index.tsx index 30215823..3c4893be 100644 --- a/src/components/Header/index.tsx +++ b/src/components/Header/index.tsx @@ -38,9 +38,10 @@ const getHeaderData = async () => { return { isSignedIn: true as const, avatar: avatar, - isAdmin: session?.user + isCommittee: session?.user ? ((session.user.isCommittee as boolean | undefined) ?? false) : false, + isAdmin: session?.user ? ((session.user.isAdmin as boolean | undefined) ?? false) : false, nextStep, isMember: nextStep === null, };
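Review bot: In the `jwt` callback, `isCommittee` now means the `committee` realm role where it used to mean `restricted-access`, so any gate outside this patch that still reads `session.user.isCommittee` silently starts admitting a different group. Only the admin page and the payment `PUT` are switched to `isAdmin` here, so the rest of the codebase should be searched for remaining `isCommittee` checks before merging. The flags are also only ever set to `true`, and only when `account?.access_token` is present, which looks like the sign-in path: tokens minted before this deploy keep `isCommittee: true` from the old mapping, and a role removed in the identity provider stays in the session until it expires. Assigning both explicitly makes every sign-in overwrite stale values: `const roles = decodedToken?.realm_access?.roles ?? [];`, `token.isCommittee = roles.includes('committee');`, `token.isAdmin = roles.includes('restricted-access');`. A short comment that `isAdmin` maps to the `restricted-access` role would also help, since the names do not match; the callback starts before and continues past the hunk.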
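Review bot: The added assignment in the `session` callback needs two casts, `session.user as ExtendedSession['user']` and `token.isAdmin as boolean | undefined`, and the src/components/Header/index.tsx hunk repeats the pattern with `session.user.isAdmin as boolean | undefined`. Casts on an authorization flag hide later type drift from the compiler, for example if the flag stops being a boolean. Since next-auth.d.ts in this patch already declares `isAdmin?: boolean` on the session user, the Header lines can probably be reduced to `isCommittee: session?.user?.isCommittee ?? false,` and `isAdmin: session?.user?.isAdmin ?? false,`. Declaring both flags on the token type as well would remove the cast on `token`; the token's type declaration is not visible here, so that part is a suggestion to check.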
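Review bot: The new `data.isCommittee` branch in `MenuLinks` only decides whether the Wiki link is rendered; it is not an access control. The link's markup is not visible in this hunk, so its target cannot be checked from here, but the wiki has to verify the committee role on its own side, otherwise anyone who learns the URL can open it. Once that is confirmed, a one-line comment above the branch such as `{/* Display only: access is enforced by the wiki itself */}` would record the assumption for the next reader.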