feat: add authentication test page and API testing scripts; implement debug auth endpoint and enhance task route with read permissions

2025-06-25 12:54:37 +02:00
parent c1bb4c44fd
commit 1524e1e9bb
6 changed files with 520 additions and 17 deletions


@@ -0,0 +1,37 @@
import { auth } from "@/lib/auth"
import { NextResponse } from "next/server"
export const GET = auth(async (req) => {
try {
console.log("=== DEBUG AUTH ENDPOINT ===")
console.log("Request URL:", req.url)
console.log("Auth object:", req.auth)
if (!req.auth?.user) {
return NextResponse.json({
error: "No session found",
debug: {
hasAuth: !!req.auth,
authKeys: req.auth ? Object.keys(req.auth) : [],
}
}, { status: 401 })
}
return NextResponse.json({
message: "Authenticated",
user: req.auth.user,
debug: {
authKeys: Object.keys(req.auth),
userKeys: Object.keys(req.auth.user)
}
})
} catch (error) {
console.error("Auth debug error:", error)
return NextResponse.json({
error: "Auth error",
message: error.message,
stack: error.stack
}, { status: 500 })
}
})
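Review bot: The 500 branch returns `error.message` and `error.stack` to the caller (lines 38–42), and the success branch echoes the whole `req.auth.user` object plus the key names of the session and user; nothing gates this route by environment, so whoever can reach it in production gets stack traces (filesystem paths, dependency internals) and any session fields the client was never meant to see. Add an environment gate as the first statement, e.g. `if (process.env.NODE_ENV === "production") return NextResponse.json({ error: "Not found" }, { status: 404 })`, and drop `stack` from the response body — the `console.error` on line 37 already keeps it server-side. `console.log("Auth object:", req.auth)` on line 18 also writes the full session to the log on every call; if the session carries tokens or identifiers (not visible here), they land in the log pipeline. A one-line header such as `// Development-only diagnostics for the auth() wrapper — never deploy without the NODE_ENV gate` would make the intent explicit for the next maintainer.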


@@ -1,6 +1,7 @@
import db from "@/lib/db";
import { NextResponse } from "next/server";
import { withUserAuth } from "@/lib/middleware/auth";
import { withUserAuth, withReadAuth } from "@/lib/middleware/auth";
import { getAllTaskTemplates } from "@/lib/queries/tasks";
// POST: create new template
async function createTaskHandler(req) {
@@ -20,5 +21,12 @@ async function createTaskHandler(req) {
return NextResponse.json({ success: true });
}
// GET: Get all task templates
async function getTasksHandler(req) {
const templates = getAllTaskTemplates();
return NextResponse.json(templates);
}
// Protected routes - require authentication
export const GET = withReadAuth(getTasksHandler);
export const POST = withUserAuth(createTaskHandler);
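Review bot: `withReadAuth` is imported on line 52 and used for GET on line 65, but none of the middleware hunks in this commit define or export it — the helpers visible there are `withUserAuth`, `withManagerAuth` and `withAdminAuth`. If it lives in a part of `@/lib/middleware/auth` not shown here that is fine; otherwise the import resolves to `undefined` and `withReadAuth(getTasksHandler)` throws a TypeError when the route module is evaluated, taking POST down with it. Worth confirming, and whichever role threshold it maps to should be stated at the export so the comment on line 64 is accurate, e.g. `// GET: any authenticated role that passes withReadAuth's threshold may list templates`. Separately, `getAllTaskTemplates()` on line 61 is called without `await`; if that helper is async the response body will be an empty object, so confirm it is synchronous.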


@@ -10,20 +10,21 @@ const ROLE_HIERARCHY = {
}
export function withAuth(handler, options = {}) {
return async (req, context) => {
return auth(async (req) => {
try {
const session = await auth(req)
// Check if user is authenticated
if (!session?.user) {
if (!req.auth?.user) {
console.log("No session found for request to:", req.url)
return NextResponse.json(
{ error: "Authentication required" },
{ status: 401 }
)
}
console.log("Session found for user:", req.auth.user.email)
// Check role-based permissions (without database access)
if (options.requiredRole && !hasPermission(session.user.role, options.requiredRole)) {
if (options.requiredRole && !hasPermission(req.auth.user.role, options.requiredRole)) {
return NextResponse.json(
{ error: "Insufficient permissions" },
{ status: 403 }
@@ -32,14 +33,14 @@ export function withAuth(handler, options = {}) {
// Add user info to request
req.user = {
id: session.user.id,
email: session.user.email,
name: session.user.name,
role: session.user.role
id: req.auth.user.id,
email: req.auth.user.email,
name: req.auth.user.name,
role: req.auth.user.role
}
// Call the original handler
return await handler(req, context)
return await handler(req)
} catch (error) {
console.error("Auth middleware error:", error)
return NextResponse.json(
@@ -47,7 +48,7 @@ export function withAuth(handler, options = {}) {
{ status: 500 }
)
}
}
})
}
export function hasPermission(userRole, requiredRole) {
@@ -64,12 +65,12 @@ export function withUserAuth(handler) {
return withAuth(handler, { requiredRole: 'user' })
}
// Helper for admin-level operations
export function withAdminAuth(handler) {
return withAuth(handler, { requiredRole: 'admin' })
}
// Helper for project manager operations
export function withManagerAuth(handler) {
return withAuth(handler, { requiredRole: 'project_manager' })
}
// Helper for admin operations
export function withAdminAuth(handler) {
return withAuth(handler, { requiredRole: 'admin' })
}
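Review bot: The rewritten `withAuth` drops the route context: the old wrapper called `handler(req, context)` (line 106) and the new one calls `handler(req)` (line 107), while the `auth(async (req) => …)` callback on line 74 captures only the request. Any handler that reads `params` (dynamic segments) from its second argument will now receive `undefined`; next-auth's `auth()` wrapper presumably passes the route context as the callback's second parameter, so the fix is `return auth(async (req, ctx) => {` on line 74 and `return await handler(req, ctx)` on line 107 — confirm against the installed next-auth version. The `console.log("Session found for user:", req.auth.user.email)` on line 86 writes a user identifier to the log on every authenticated request; make it debug-level or remove it before this ships. The last hunk shows `withAdminAuth` twice (lines 123 and 131); the rendering loses the +/- markers, but if both definitions survive on the new side that is a duplicate export, which ESM rejects at module load. `withAuth`'s body is split across the first three hunks, so the lines between them are not visible here.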