flfeders/FEDEO
2
1
Fork 0
Code Issues 63 Pull Requests Actions Packages Projects 21 Releases Wiki Activity

Fixed Role Loading

Browse Source
This commit is contained in:
florianfederspiel
2025-11-09 18:52:44 +01:00
parent fc3ed1fb11
commit 2382b2dfae
1 changed files with 36 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
src/plugins/auth.ts
View File

@@ -37,51 +37,51 @@ export default fp(async (server: FastifyInstance) => {
tenant_id: number; tenant_id: number;
}; };
console.log("payload", payload);
if (!payload?.user_id) { if (!payload?.user_id) {
return reply.code(401).send({ error: "Invalid token" }); return reply.code(401).send({ error: "Invalid token" });
} }
req.user = payload; req.user = payload;
// 3⃣ Rolle des Nutzers im Tenant laden if(req.user.tenant_id) {
const { data: roleData, error: roleError } = await server.supabase // 3⃣ Rolle des Nutzers im Tenant laden
.from("auth_user_roles") const { data: roleData, error: roleError } = await server.supabase
.select("role_id") .from("auth_user_roles")
.eq("user_id", payload.user_id) .select("role_id")
.eq("tenant_id", payload.tenant_id) .eq("user_id", payload.user_id)
.maybeSingle(); .eq("tenant_id", payload.tenant_id)
.maybeSingle();
if (roleError) { if (roleError) {
console.log("Error fetching user role", roleError); console.log("Error fetching user role", roleError);
return reply.code(500).send({ error: "Failed to load user role" }); return reply.code(500).send({ error: "Failed to load user role" });
}
if (!roleData) {
return reply.code(403).send({ error: "No role assigned for this tenant" });
}
const roleId = roleData.role_id;
// 4⃣ Berechtigungen der Rolle laden
const { data: permissions, error: permsError } = await server.supabase
.from("auth_role_permissions")
.select("permission")
.eq("role_id", roleId);
if (permsError) {
console.log("Failed to load permissions", permsError);
return reply.code(500).send({ error: "Permission lookup failed" });
}
const perms = permissions?.map((p) => p.permission) ?? [];
// 5⃣ An Request hängen
req.role = roleId;
req.permissions = perms;
req.hasPermission = (perm: string) => perms.includes(perm);
} }
if (!roleData) {
return reply.code(403).send({ error: "No role assigned for this tenant" });
}
const roleId = roleData.role_id;
// 4⃣ Berechtigungen der Rolle laden
const { data: permissions, error: permsError } = await server.supabase
.from("auth_role_permissions")
.select("permission")
.eq("role_id", roleId);
if (permsError) {
console.log("Failed to load permissions", permsError);
return reply.code(500).send({ error: "Permission lookup failed" });
}
const perms = permissions?.map((p) => p.permission) ?? [];
// 5⃣ An Request hängen
req.role = roleId;
req.permissions = perms;
req.hasPermission = (perm: string) => perms.includes(perm);
} catch (err) { } catch (err) {
return reply.code(401).send({ error: "Invalid or expired token" }); return reply.code(401).send({ error: "Invalid or expired token" });
} }