barbercollie/ReadMeABook
1
0
Fork 1
mirror of https://github.com/kikootwo/ReadMeABook.git synced 2026-06-03 04:40:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add requireSetupIncompleteOrAdmin and adjust routes

Browse Source 
Introduce a new middleware requireSetupIncompleteOrAdmin that allows unauthenticated access while the setup wizard is in progress but enforces admin authentication once setup is complete. Replace requireSetupIncomplete with the new guard in test-paths, test-abs and test-oidc API routes. Update the front-end hook to use fetchWithAuth for authenticated requests. Revise setup-guard tests to cover the new semantics: shared endpoints now return 401 when setup is complete and no auth is provided, return 403 for authenticated non-admin users, and allow admin access or unauthenticated access during setup/DB-unready conditions; also add jwt verification and user lookup mocks to the tests.
This commit is contained in:
kikootwo
2026-02-09 21:45:37 -05:00
parent 7e53f037af
commit f9947b745e
6 changed files with 116 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/app/api/setup/test-oidc/route.ts
+2 -2
View File
@@ -5,13 +5,13 @@
import { NextRequest, NextResponse } from 'next/server';
import { Issuer } from 'openid-client';
import { requireSetupIncomplete } from '@/lib/middleware/auth';
import { requireSetupIncompleteOrAdmin } from '@/lib/middleware/auth';
import { RMABLogger } from '@/lib/utils/logger';
const logger = RMABLogger.create('API.Setup.TestOIDC');
export async function POST(request: NextRequest) {
return requireSetupIncomplete(request, async (req) => {
return requireSetupIncompleteOrAdmin(request, async (req) => {
try {
const body = await req.json();
const { issuerUrl, clientId, clientSecret } = body;