fix(App.tsx): check user role before redirecting to /admin #29
+3
-2
@@ -386,9 +386,10 @@ export function App() {
|
||||
return <Navigate to="/setup" replace />;
|
||||
}
|
||||
|
||||
// Redirect authenticated users to /admin (but preserve impersonation flow via ?sessionId=)
|
||||
// Redirect authenticated staff (non-customer) users to /admin (but preserve impersonation flow via ?sessionId=)
|
||||
const searchParams = new URLSearchParams(location.search);
|
||||
if (!authDisabled && session && !location.pathname.startsWith("/admin") && !searchParams.has("sessionId")) {
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Better Auth session.user extends Record<string,unknown>; role field is injected by Authentik OIDC
|
||||
if (!authDisabled && session && (session as any)?.user?.role !== "customer" && !location.pathname.startsWith("/admin") && !searchParams.has("sessionId")) {
|
||||
return <Navigate to="/admin" replace />;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user