import { redirect } from "next/navigation";
import { getServerSession } from "./get-session";
/**
 * Server-side Authentication Helpers
 *
 * Best practices:
 * - All functions read the session through getServerSession (cached)
 * - Redirects are handled gracefully
 * - Role checks include proper fallbacks
 * - Type-safe role checking
 */
/**
 * Session accessor shared by every helper in this module.
 *
 * This is a direct alias of `getServerSession` from `./get-session`; it adds
 * no logic of its own. Any per-request caching happens inside that module.
 *
 * NOTE(review): the role checks below trust `session.user.role` exactly as
 * this function returns it. Whether a role change or revocation is picked up
 * on the next request depends on `./get-session` (not shown here) — confirm.
 */
export const getSession: typeof getServerSession = getServerSession;
/**
 * Enforce that the caller is signed in (Server Component or Server Action).
 *
 * When no session exists the request is sent to `/sign-in`.
 * `redirect()` from `next/navigation` interrupts execution by throwing, so a
 * caller must not wrap this call in a `try`/`catch` that swallows every
 * error; doing so would let an unauthenticated request continue.
 *
 * Server Actions can be invoked directly, so call this inside each action
 * that needs it rather than relying on the page that renders the form.
 *
 * @returns The session object of the signed-in user
 */
export async function requireAuth() {
  const activeSession = await getSession();

  // Fail closed: any falsy session value counts as "not signed in".
  if (!activeSession) {
    redirect("/sign-in");
  }

  return activeSession;
}
/**
 * Look up the user attached to the current session.
 *
 * This never redirects; it is an informational read, not an access check.
 *
 * @returns The session's user object, or null when there is no session or
 *          the session carries no user
 */
export async function getCurrentUser() {
  const activeSession = await getSession();
  const currentUser = activeSession?.user;
  return currentUser ?? null;
}
/**
 * Report whether a session exists for the current request.
 *
 * This returns a boolean only and does not redirect or block anything. Use
 * `requireAuth()` where access must actually be denied.
 *
 * @returns true if a session is present, false otherwise
 */
export async function isAuthenticated() {
  const activeSession = await getSession();
  return Boolean(activeSession);
}
/**
 * Read the role stored on the current session's user.
 *
 * @returns The role value, or null when the session, the user, or the role
 *          is missing
 */
export async function getUserRole() {
  const activeSession = await getSession();
  const currentRole = activeSession?.user?.role;
  return currentRole ?? null;
}
/**
 * Report whether the current user's role is exactly "admin".
 *
 * This fails closed: a missing session, user, or role yields false.
 * It returns a boolean only and does not redirect. Use `requireAdmin()` to
 * enforce access; this predicate is for conditional rendering and the like.
 *
 * @returns true if the session role is "admin", false otherwise
 */
export async function isAdmin() {
  const currentRole = (await getSession())?.user?.role;
  return currentRole === "admin";
}
/**
 * Report whether the current user's role is exactly "dentist".
 *
 * This fails closed: a missing session, user, or role yields false.
 * It returns a boolean only and does not redirect. Use `requireDentist()`
 * to enforce access.
 *
 * @returns true if the session role is "dentist", false otherwise
 */
export async function isDentist() {
  const currentRole = (await getSession())?.user?.role;
  return currentRole === "dentist";
}
/**
 * Report whether the current user's role is exactly "patient".
 *
 * This fails closed: a missing session, user, or role yields false.
 * It returns a boolean only and does not redirect. Use `requirePatient()`
 * to enforce access.
 *
 * @returns true if the session role is "patient", false otherwise
 */
export async function isPatient() {
  const currentRole = (await getSession())?.user?.role;
  return currentRole === "patient";
}
/**
 * Enforce the "admin" role.
 *
 * Unauthenticated callers are handled by `requireAuth()`. Authenticated
 * callers with another role are redirected: dentists to `/dentist`,
 * patients to `/patient`, and any other or missing role to `/`.
 *
 * @returns The session object; reached only when the role is "admin"
 */
export async function requireAdmin() {
  const session = await requireAuth();
  const role = session.user?.role;

  if (role !== "admin") {
    // Deny by default: unknown or missing roles fall through to the site root.
    let destination = "/";
    if (role === "dentist") {
      destination = "/dentist";
    } else if (role === "patient") {
      destination = "/patient";
    }
    redirect(destination);
  }

  return session;
}
/**
 * Enforce the "dentist" role.
 *
 * Unauthenticated callers are handled by `requireAuth()`. Authenticated
 * callers with another role are redirected: admins to `/admin`, patients to
 * `/patient`, and any other or missing role to `/`.
 *
 * Note that admins are redirected away here, not let through. Use
 * `requireStaff()` when both admins and dentists should be admitted.
 *
 * @returns The session object; reached only when the role is "dentist"
 */
export async function requireDentist() {
  const session = await requireAuth();
  const role = session.user?.role;

  if (role !== "dentist") {
    // Deny by default: unknown or missing roles fall through to the site root.
    let destination = "/";
    if (role === "admin") {
      destination = "/admin";
    } else if (role === "patient") {
      destination = "/patient";
    }
    redirect(destination);
  }

  return session;
}
/**
 * Enforce the "patient" role.
 *
 * Unauthenticated callers are handled by `requireAuth()`. Authenticated
 * callers with another role are redirected: admins to `/admin`, dentists to
 * `/dentist`, and any other or missing role to `/`.
 *
 * This check is on role only. It does not establish which patient's records
 * the caller may read, so per-record ownership must be checked by the caller.
 *
 * @returns The session object; reached only when the role is "patient"
 */
export async function requirePatient() {
  const session = await requireAuth();
  const role = session.user?.role;

  if (role !== "patient") {
    // Deny by default: unknown or missing roles fall through to the site root.
    let destination = "/";
    if (role === "admin") {
      destination = "/admin";
    } else if (role === "dentist") {
      destination = "/dentist";
    }
    redirect(destination);
  }

  return session;
}
/**
 * Enforce a staff role ("admin" or "dentist").
 *
 * Unauthenticated callers are handled by `requireAuth()`. Authenticated
 * non-staff callers are redirected: patients to `/patient`, and any other
 * or missing role to `/`.
 *
 * @returns The session object; reached only for "admin" or "dentist"
 */
export async function requireStaff() {
  const session = await requireAuth();
  const role = session.user?.role;
  const isStaff = role === "admin" || role === "dentist";

  if (!isStaff) {
    // Only a known "patient" role gets the patient portal; everything else
    // lands on the site root.
    const landing = role === "patient" ? "/patient" : "/";
    redirect(landing);
  }

  return session;
}