fix(App.tsx): check user role before redirecting to /admin #29

Closed
The Dogfather wants to merge 3 commits from ccfa5281-2076-40c2-87a9-bf2dbcf98d22/gro-1822-role-based-redirect into dev
Showing only changes of commit 505904d8bd - Show all commits
+3 -2
@@ -386,9 +386,10 @@ export function App() {
return <Navigate to="/setup" replace />;
}
// Redirect authenticated users to /admin (but preserve impersonation flow via ?sessionId=)
// Redirect authenticated staff (non-customer) users to /admin (but preserve impersonation flow via ?sessionId=)
const searchParams = new URLSearchParams(location.search);
if (!authDisabled && session && !location.pathname.startsWith("/admin") && !searchParams.has("sessionId")) {
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Better Auth session.user extends Record<string,unknown>; role field is injected by Authentik OIDC
if (!authDisabled && session && (session as any)?.user?.role !== "customer" && !location.pathname.startsWith("/admin") && !searchParams.has("sessionId")) {
return <Navigate to="/admin" replace />;
}
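Review bot: The added test `(session as any)?.user?.role !== "customer"` fails open: a session whose `role` claim is missing, misspelled or an unanticipated value is treated as staff and sent to /admin. Comparing against an explicit allow-list would make no redirect the default, e.g. `const role = (session?.user as { role?: unknown } | undefined)?.role;` followed by `typeof role === "string" && STAFF_ROLES.includes(role)`, where `STAFF_ROLES` is a placeholder for the staff role names, which this page does not show. The narrow cast also removes the need for `any` and the eslint-disable line. This redirect is navigation only and the condition is skipped once the path already starts with /admin, so a customer who opens /admin directly is not stopped here; presumably the /admin routes and their API enforce the role server-side, which is worth confirming since it is outside the hunk. App()'s body starts and ends outside the hunk.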