Andrei 4303e48fac Fix Next.js 15 compatibility and TypeScript errors
- Update API route handlers to use async params for Next.js 15 compatibility
- Fix MUI DataGrid deprecated props (pageSize -> initialState.pagination)
- Replace Material-UI Grid components with Box for better compatibility
- Fix admin authentication system with proper request parameters
- Update permission constants to match available AdminPermission enum values
- Add missing properties to Page interface for type safety
- Update .gitignore to exclude venv/, import logs, and large data directories
- Optimize Next.js config to reduce memory usage during builds

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-24 09:54:13 +00:00

import { NextRequest } from 'next/server';
import { verify, sign } from 'jsonwebtoken';
import type { SignOptions } from 'jsonwebtoken';
import { prisma } from '@/lib/db';
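/**
 * Secret used to sign and verify admin JWTs.
 *
 * Read from the JWT_SECRET environment variable. The hard-coded fallback is
 * kept only for local development: with a publicly known signing key anyone
 * could mint a token that verifyAdminAuth accepts, so in production a missing
 * secret is treated as a fatal misconfiguration and the module refuses to load.
 */
const JWT_SECRET: string = (() => {
  const fromEnv = process.env.JWT_SECRET;
  // `||`-style truthiness on purpose: an empty string is not a usable secret.
  if (fromEnv) {
    return fromEnv;
  }
  if (process.env.NODE_ENV === 'production') {
    throw new Error('JWT_SECRET environment variable must be set in production');
  }
  console.warn('JWT_SECRET is not set; using an insecure development-only fallback');
  return 'fallback-secret-key';
})();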
/**
 * Fine-grained admin capabilities. Values are strings so they stay stable
 * across reordering and are readable in logs. Which roles hold which
 * permission is decided in hasPermission / getUserPermissions, not here.
 */
export enum AdminPermission {
  READ_USERS = 'read_users',
  WRITE_USERS = 'write_users',
  DELETE_USERS = 'delete_users',
  READ_CONTENT = 'read_content',
  WRITE_CONTENT = 'write_content',
  DELETE_CONTENT = 'delete_content',
  READ_ANALYTICS = 'read_analytics',
  READ_CHAT = 'read_chat',
  WRITE_CHAT = 'write_chat',
  DELETE_CHAT = 'delete_chat',
  SYSTEM_BACKUP = 'system_backup',
  SYSTEM_HEALTH = 'system_health',
  /** Marker for unrestricted access; only the `admin` role receives it (see getUserPermissions). */
  SUPER_ADMIN = 'super_admin'
}
/**
 * Admin-area user as returned by verifyAdminAuth: the subset of the user
 * record selected there (id, email, name, role).
 */
export interface AdminUser {
  id: string;
  email: string;
  /** Display name; may be absent in the database. */
  name: string | null;
  /** Role string; 'admin' and 'moderator' are the two values this module recognises. */
  role: string;
}
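/**
 * Authenticates an admin request from its `Authorization: Bearer <jwt>` header.
 *
 * The token must verify against JWT_SECRET and carry a non-empty string
 * `userId` claim; the user is then looked up and must currently hold the
 * `admin` or `moderator` role, so a token issued before a demotion stops
 * working at the database check rather than at its expiry.
 *
 * @param request - Incoming request whose `authorization` header is inspected.
 * @returns The matching admin user, or `null` when the header is missing, the
 *   token is invalid/expired, the claim is malformed, the user does not exist
 *   or no longer holds an admin role. Never throws: unexpected errors are
 *   logged and treated as "not authenticated".
 */
export async function verifyAdminAuth(request: NextRequest): Promise<AdminUser | null> {
  try {
    const authHeader = request.headers.get('authorization');
    if (!authHeader?.startsWith('Bearer ')) {
      return null;
    }
    const token = authHeader.substring('Bearer '.length);

    // Keep the decoded payload `unknown` until its shape has been checked.
    let payload: unknown;
    try {
      // Pin the algorithm to the one `sign` uses by default (HS256) so a token
      // signed with any other algorithm is rejected regardless of library defaults.
      payload = verify(token, JWT_SECRET, { algorithms: ['HS256'] });
    } catch {
      // Bad signature, expired or malformed token: all mean "not authenticated".
      return null;
    }

    // NOTE(review): generateAdminToken also sets `type: 'admin'`, but this check
    // does not require that claim, so any token signed with JWT_SECRET for an
    // admin-role user is accepted — confirm whether other token issuers share the secret.
    const userId = extractUserId(payload);
    if (userId === null) {
      return null;
    }

    const user = await prisma.user.findUnique({
      where: {
        id: userId,
        role: { in: ['admin', 'moderator'] }
      },
      select: {
        id: true,
        email: true,
        name: true,
        role: true
      }
    });
    return user ?? null;
  } catch (error: unknown) {
    console.error('Error verifying admin auth:', error);
    return null;
  }
}

/** Returns the `userId` claim when it is a non-empty string, otherwise null. */
function extractUserId(payload: unknown): string | null {
  if (typeof payload !== 'object' || payload === null) {
    return null;
  }
  const claim = (payload as { userId?: unknown }).userId;
  return typeof claim === 'string' && claim.length > 0 ? claim : null;
}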
/**
 * Whether the given user may enter the admin area at all.
 *
 * @param user - Result of verifyAdminAuth, or null when unauthenticated.
 * @returns true for the `admin` and `moderator` roles, false otherwise (including null).
 */
export function hasAdminAccess(user: AdminUser | null): boolean {
  if (user == null) {
    return false;
  }
  const adminAreaRoles: readonly string[] = ['admin', 'moderator'];
  return adminAreaRoles.includes(user.role);
}
/**
 * Whether the given user holds the unrestricted `admin` role.
 *
 * @param user - Result of verifyAdminAuth, or null when unauthenticated.
 * @returns true only for role `admin`; moderators and null yield false.
 */
export function isSuperAdmin(user: AdminUser | null): boolean {
  if (user == null) {
    return false;
  }
  return user.role === 'admin';
}
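/**
 * Issues a signed JWT for an already-authenticated admin user.
 *
 * The token carries the user id, email and role plus a `type: 'admin'`
 * marker, is signed with JWT_SECRET using the library's default algorithm
 * (HS256) and expires after `expiresIn`.
 *
 * @param user - Admin user the token is issued for.
 * @param expiresIn - Token lifetime in the form jsonwebtoken accepts for
 *   `expiresIn` (e.g. '24h', '15m', or a number of seconds). Defaults to '24h',
 *   matching the previous hard-coded lifetime.
 * @returns The compact serialized JWT.
 */
export function generateAdminToken(
  user: AdminUser,
  expiresIn: NonNullable<SignOptions['expiresIn']> = '24h'
): string {
  const claims = {
    userId: user.id,
    email: user.email,
    role: user.role,
    type: 'admin'
  };
  return sign(claims, JWT_SECRET, { expiresIn });
}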
/**
 * Resolves the admin user behind a request, or null when the request does
 * not carry a valid admin bearer token. Thin alias for verifyAdminAuth.
 *
 * @param request - Incoming request carrying the bearer token.
 */
export async function getCurrentAdmin(request: NextRequest): Promise<AdminUser | null> {
  const admin = await verifyAdminAuth(request);
  return admin;
}
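/**
 * Permissions granted to the `moderator` role. Admins hold every permission
 * and are not listed here; see getUserPermissions. Shared by hasPermission
 * and getUserPermissions so the two can no longer drift apart.
 */
const MODERATOR_PERMISSIONS: readonly AdminPermission[] = [
  AdminPermission.READ_USERS,
  AdminPermission.WRITE_USERS,
  AdminPermission.READ_CONTENT,
  AdminPermission.WRITE_CONTENT,
  AdminPermission.DELETE_CONTENT,
  AdminPermission.READ_ANALYTICS,
  AdminPermission.READ_CHAT,
  AdminPermission.WRITE_CHAT
];

/**
 * Whether `user` holds `permission`, derived solely from their role.
 *
 * @param user - Result of verifyAdminAuth, or null when unauthenticated.
 * @param permission - Capability to check.
 * @returns true when the role's permission set (see getUserPermissions)
 *   contains `permission`; false for null users and unknown roles.
 */
export function hasPermission(user: AdminUser | null, permission: AdminPermission): boolean {
  return getUserPermissions(user).includes(permission);
}

/**
 * Lists the permissions a user holds, derived solely from their role.
 *
 * @param user - Result of verifyAdminAuth, or null when unauthenticated.
 * @returns A fresh array: every AdminPermission for `admin`, the moderator
 *   table for `moderator`, and an empty array for null or any other role.
 */
export function getUserPermissions(user: AdminUser | null): AdminPermission[] {
  if (!user) {
    return [];
  }
  switch (user.role) {
    case 'admin':
      // String enums have no reverse mapping, so this is exactly the permission list.
      return Object.values(AdminPermission);
    case 'moderator':
      // Copy so callers cannot mutate the shared table.
      return [...MODERATOR_PERMISSIONS];
    default:
      return [];
  }
}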