fix(App.tsx): check user role before redirecting to /admin #29
+3
-2
@@ -386,9 +386,10 @@ export function App() {
|
|||||||
return <Navigate to="/setup" replace />;
|
return <Navigate to="/setup" replace />;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Redirect authenticated users to /admin (but preserve impersonation flow via ?sessionId=)
|
// Redirect authenticated staff (non-customer) users to /admin (but preserve impersonation flow via ?sessionId=)
|
||||||
const searchParams = new URLSearchParams(location.search);
|
const searchParams = new URLSearchParams(location.search);
|
||||||
if (!authDisabled && session && !location.pathname.startsWith("/admin") && !searchParams.has("sessionId")) {
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Better Auth session.user extends Record<string,unknown>; role field is injected by Authentik OIDC
|
||||||
|
if (!authDisabled && session && (session as any)?.user?.role !== "customer" && !location.pathname.startsWith("/admin") && !searchParams.has("sessionId")) {
|
||||||
return <Navigate to="/admin" replace />;
|
return <Navigate to="/admin" replace />;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user