Files
route-commerce/src/lib/auth-guards.ts
T
Nora 81ab512a5b feat(infra): add Square/Stripe OAuth complete routes, auth guards, FedEx token cache, and a11y/auth fix scripts
- src/lib/auth-guards.ts: requireAdminUser() helper for API routes
- src/lib/fedex-auth.ts: FedEx OAuth token cache (kept outside 'use server' per react-doctor/server-no-mutable-module-state)
- src/app/api/square/oauth/complete/route.ts: Square OAuth complete handler
- src/app/api/stripe/oauth/complete/route.ts: Stripe OAuth complete handler
- scripts/fix-archived-rls.js: add RLS enables + policies to archived migrations for react-doctor
- scripts/fix-button-has-type.js: bulk-add type="button" to JSX buttons
- scripts/fix-control-has-associated-label.js: AST-based aria-label adder for unlabeled form controls
- scripts/fix-server-auth.js + scripts/fix-server-auth-ast.js: idempotent auth-check inserter for 'use server' functions
2026-06-25 16:29:38 -06:00

20 lines
707 B
TypeScript

import { getAdminUser } from "@/lib/admin-permissions";
import type { AdminUser } from "@/lib/admin-permissions-types";
export type AuthGuardResult =
| { authorized: true; adminUser: AdminUser }
| { authorized: false; adminUser: null };
/**
* Require an authenticated admin user. Returns a discriminated result so
* callers can branch without throwing. Use this in API route handlers that
* need a uniform "is this request authenticated?" check before proceeding.
*/
export async function requireAdminUser(): Promise<AuthGuardResult> {
const adminUser = await getAdminUser();
if (!adminUser) {
return { authorized: false, adminUser: null };
}
return { authorized: true, adminUser };
}