v3.0: Fix admin-guard.ts — remove hardcoded email, check DB role only
web/lib/admin-guard.ts +1 -8
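--- a/web/lib/admin-guard.ts
+++ b/web/lib/admin-guard.ts
@@ -1,20 +1,13 @@
 import { createClient } from "@/lib/supabase/server";
 import { redirect } from "next/navigation";
 
-const ADMIN_EMAILS = ["ankygaur9972@gmail.com"];
-
 export async function requireAdmin() {
 const supabase = await createClient();
 const { data: { user } } = await supabase.auth.getUser();
 
 if (!user) redirect("/auth/login");
 
-// Check
-if (!ADMIN_EMAILS.includes(user.email || "")) {
-redirect("/dashboard-pages/dashboard");
-}
-
-// Double check role in DB
+// Check role from database — no hardcoded emails
 const { data: profile } = await supabase
 .from("profiles")
 .select("role")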
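Review bot: With the e-mail allowlist removed, `profiles.role` becomes the only check between a signed-in user and the admin pages, and nothing in this hunk shows that the column is protected from the row's owner. If the `profiles` table lets users update their own row (not visible here; confirm the RLS policies and column privileges), the role value can no longer be trusted, so the new comment should state the dependency, e.g. `// profiles.role is the sole admin check: must not be writable by the row owner (RLS / column grants)`. The query also destructures only `data`, so a failed lookup yields a null `profile`; destructure `error` as well (`const { data: profile, error } = await supabase`) and make sure the comparison that follows denies access on an error or a missing row. requireAdmin continues past the end of the hunk, so the role comparison itself is not visible here.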