81ab512a5b
- src/lib/auth-guards.ts: requireAdminUser() helper for API routes - src/lib/fedex-auth.ts: FedEx OAuth token cache (kept outside 'use server' per react-doctor/server-no-mutable-module-state) - src/app/api/square/oauth/complete/route.ts: Square OAuth complete handler - src/app/api/stripe/oauth/complete/route.ts: Stripe OAuth complete handler - scripts/fix-archived-rls.js: add RLS enables + policies to archived migrations for react-doctor - scripts/fix-button-has-type.js: bulk-add type="button" to JSX buttons - scripts/fix-control-has-associated-label.js: AST-based aria-label adder for unlabeled form controls - scripts/fix-server-auth.js + scripts/fix-server-auth-ast.js: idempotent auth-check inserter for 'use server' functions
20 lines
707 B
TypeScript
20 lines
707 B
TypeScript
import { getAdminUser } from "@/lib/admin-permissions";
|
|
import type { AdminUser } from "@/lib/admin-permissions-types";
|
|
|
|
export type AuthGuardResult =
|
|
| { authorized: true; adminUser: AdminUser }
|
|
| { authorized: false; adminUser: null };
|
|
|
|
/**
|
|
* Require an authenticated admin user. Returns a discriminated result so
|
|
* callers can branch without throwing. Use this in API route handlers that
|
|
* need a uniform "is this request authenticated?" check before proceeding.
|
|
*/
|
|
export async function requireAdminUser(): Promise<AuthGuardResult> {
|
|
const adminUser = await getAdminUser();
|
|
if (!adminUser) {
|
|
return { authorized: false, adminUser: null };
|
|
}
|
|
return { authorized: true, adminUser };
|
|
}
|