gg

src/app/[locale]/(auth)/signup/page.tsx

@@ -22,7 +22,7 @@ import { MdMail } from "react-icons/md";
 import { useRouter } from "next/navigation";
 import { PasswordInput } from "@/components/ui/forms/password-input";
 import { Skeleton } from "@/components/ui/feedback/skeleton";
-import { authService } from "@/lib/api/example/auth/service";
+import { authService } from "@/lib/api/auth/service";
 import { useState } from "react";
 import { signIn } from "next-auth/react";
 import { toaster } from "@/components/ui/feedback/toaster";

src/app/[locale]/(site)/admin/page.tsx

@@ -1,5 +1,9 @@
 import { getTranslations } from "next-intl/server";
 import AdminContent from "@/components/admin/admin-content";
+import { authOptions } from "@/app/api/auth/[...nextauth]/route";
+import { isAdminRole } from "@/lib/auth/roles";
+import { getServerSession } from "next-auth";
+import { notFound } from "next/navigation";
 
 export async function generateMetadata() {
   const t = await getTranslations();
@@ -10,6 +14,12 @@ export async function generateMetadata() {
   };
 }
 
-export default function AdminPage() {
+export default async function AdminPage() {
+  const session = await getServerSession(authOptions);
+
+  if (!isAdminRole(session?.user?.roles)) {
+    notFound();
+  }
+
   return <AdminContent />;
 }

src/app/api/auth/[...nextauth]/route.ts

@@ -1,4 +1,5 @@
-import { authService } from "@/lib/api/example/auth/service";
+import { authService } from "@/lib/api/auth/service";
+import { normalizeRoles } from "@/lib/auth/roles";
 import NextAuth from "next-auth";
 import type { NextAuthOptions } from "next-auth";
 import type { JWT } from "next-auth/jwt";
@@ -11,7 +12,7 @@ function randomToken() {
 
 const isMockMode = process.env.NEXT_PUBLIC_ENABLE_MOCK_MODE === "true";
 
-const authOptions: NextAuthOptions = {
+export const authOptions: NextAuthOptions = {
   providers: [
     Credentials({
       name: "Credentials",
@@ -63,6 +64,7 @@ const authOptions: NextAuthOptions = {
           }
 
           const { accessToken, refreshToken, user } = response.data;
+          const normalizedRoles = normalizeRoles(user.roles);
 
           console.log("Login successful, creating user session object");
 
@@ -74,7 +76,7 @@ const authOptions: NextAuthOptions = {
             email: user.email,
             accessToken,
             refreshToken,
-            roles: user.roles || [],
+            roles: normalizedRoles,
           };
         } catch (error: unknown) {
           console.error("Authorize error detailed:", error);
@@ -98,13 +100,13 @@ const authOptions: NextAuthOptions = {
         token.accessToken = user.accessToken;
         token.refreshToken = user.refreshToken;
         token.id = user.id;
-        token.roles = user.roles;
+        token.roles = normalizeRoles(user.roles);
       }
       return token;
     },
     async session({ session, token }: { session: Session; token: JWT }) {
       session.user.id = token.id;
-      session.user.roles = token.roles;
+      session.user.roles = normalizeRoles(token.roles);
       session.accessToken = token.accessToken;
       session.refreshToken = token.refreshToken;
       return session;