34 lines
1.2 KiB
TypeScript
34 lines
1.2 KiB
TypeScript
import { getServerSession } from "next-auth";
|
|
import { NextResponse } from "next/server";
|
|
import { authOptions } from "./auth";
|
|
import { getEmailVerificationRequired } from "./system-settings";
|
|
|
|
export async function requireSession() {
|
|
const session = await getServerSession(authOptions);
|
|
if (!session?.user?.email) {
|
|
return { session: null, response: NextResponse.json({ error: "Unauthorized" }, { status: 401 }) };
|
|
}
|
|
if (session.user.status && session.user.status !== "ACTIVE") {
|
|
return {
|
|
session: null,
|
|
response: NextResponse.json({ error: "Account nicht freigeschaltet." }, { status: 403 })
|
|
};
|
|
}
|
|
const emailVerificationRequired = await getEmailVerificationRequired();
|
|
if (emailVerificationRequired && session.user.emailVerified === false) {
|
|
return {
|
|
session: null,
|
|
response: NextResponse.json({ error: "E-Mail nicht verifiziert." }, { status: 403 })
|
|
};
|
|
}
|
|
return { session, response: null };
|
|
}
|
|
|
|
export function isAdminSession(session: { user?: { role?: string } } | null) {
|
|
return session?.user?.role === "ADMIN" || session?.user?.role === "SUPERADMIN";
|
|
}
|
|
|
|
export function isSuperAdminSession(session: { user?: { role?: string } } | null) {
|
|
return session?.user?.role === "SUPERADMIN";
|
|
}
|