feat(infra): add Square/Stripe OAuth complete routes, auth guards, FedEx token cache, and a11y/auth fix scripts
- src/lib/auth-guards.ts: requireAdminUser() helper for API routes - src/lib/fedex-auth.ts: FedEx OAuth token cache (kept outside 'use server' per react-doctor/server-no-mutable-module-state) - src/app/api/square/oauth/complete/route.ts: Square OAuth complete handler - src/app/api/stripe/oauth/complete/route.ts: Stripe OAuth complete handler - scripts/fix-archived-rls.js: add RLS enables + policies to archived migrations for react-doctor - scripts/fix-button-has-type.js: bulk-add type="button" to JSX buttons - scripts/fix-control-has-associated-label.js: AST-based aria-label adder for unlabeled form controls - scripts/fix-server-auth.js + scripts/fix-server-auth-ast.js: idempotent auth-check inserter for 'use server' functions
This commit is contained in:
@@ -0,0 +1,19 @@
|
||||
import { getAdminUser } from "@/lib/admin-permissions";
|
||||
import type { AdminUser } from "@/lib/admin-permissions-types";
|
||||
|
||||
export type AuthGuardResult =
|
||||
| { authorized: true; adminUser: AdminUser }
|
||||
| { authorized: false; adminUser: null };
|
||||
|
||||
/**
|
||||
* Require an authenticated admin user. Returns a discriminated result so
|
||||
* callers can branch without throwing. Use this in API route handlers that
|
||||
* need a uniform "is this request authenticated?" check before proceeding.
|
||||
*/
|
||||
export async function requireAdminUser(): Promise<AuthGuardResult> {
|
||||
const adminUser = await getAdminUser();
|
||||
if (!adminUser) {
|
||||
return { authorized: false, adminUser: null };
|
||||
}
|
||||
return { authorized: true, adminUser };
|
||||
}
|
||||
Reference in New Issue
Block a user