Cleanup
This commit is contained in:
giancarlo
16
apps/web/app/admin/utils/get-page-from-query-param.ts
Normal file
16
apps/web/app/admin/utils/get-page-from-query-param.ts
Normal file
@@ -0,0 +1,16 @@
|
||||
/**
|
||||
* Get page from query params
|
||||
* @name getPageFromQueryParams
|
||||
* @param pageParam
|
||||
*/
|
||||
function getPageFromQueryParams(pageParam: string | undefined) {
|
||||
const page = pageParam ? parseInt(pageParam) : 1;
|
||||
|
||||
if (Number.isNaN(page) || page <= 0) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
return page;
|
||||
}
|
||||
|
||||
export default getPageFromQueryParams;
|
||||
56
apps/web/app/admin/utils/is-user-super-admin.ts
Normal file
56
apps/web/app/admin/utils/is-user-super-admin.ts
Normal file
@@ -0,0 +1,56 @@
|
||||
import type { SupabaseClient } from '@supabase/supabase-js';
|
||||
|
||||
import { Database } from '@kit/supabase/database';
|
||||
|
||||
/**
|
||||
* @name ENFORCE_MFA
|
||||
* @description Set this constant to true if you want the SuperAdmin user to
|
||||
* sign in using MFA when accessing the Admin page
|
||||
*/
|
||||
const ENFORCE_MFA = false;
|
||||
|
||||
/**
|
||||
* @name isUserSuperAdmin
|
||||
* @description Checks if the current user is an admin by checking the
|
||||
* user_metadata.role field in Supabase Auth is set to a SuperAdmin role.
|
||||
*/
|
||||
const isUserSuperAdmin = async (params: {
|
||||
client: SupabaseClient<Database>;
|
||||
enforceMfa?: boolean;
|
||||
}) => {
|
||||
const enforceMfa = params.enforceMfa ?? ENFORCE_MFA;
|
||||
const { data, error } = await params.client.auth.getUser();
|
||||
|
||||
if (error) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// If we enforce MFA, we need to check that the user is MFA authenticated.
|
||||
if (enforceMfa) {
|
||||
const isMfaAuthenticated = await verifyIsMultiFactorAuthenticated(
|
||||
params.client,
|
||||
);
|
||||
|
||||
if (!isMfaAuthenticated) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
const adminMetadata = data.user?.app_metadata;
|
||||
const role = adminMetadata?.role;
|
||||
|
||||
return role === 'super-admin';
|
||||
};
|
||||
|
||||
export default isUserSuperAdmin;
|
||||
|
||||
async function verifyIsMultiFactorAuthenticated(client: SupabaseClient) {
|
||||
const { data, error } =
|
||||
await client.auth.mfa.getAuthenticatorAssuranceLevel();
|
||||
|
||||
if (error || !data) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return data.currentLevel === 'aal2';
|
||||
}
|
||||
Reference in New Issue
Block a user