Initial commit
This commit is contained in:
@@ -0,0 +1,95 @@
|
||||
import { serve } from "https://deno.land/std@0.203.0/http/server.ts";
|
||||
import { createClient } from "https://esm.sh/@supabase/supabase-js@2";
|
||||
|
||||
const jsonResponse = (body: unknown, status = 200) =>
|
||||
new Response(JSON.stringify(body), {
|
||||
status,
|
||||
headers: { "Content-Type": "application/json" },
|
||||
});
|
||||
|
||||
serve(async (req) => {
|
||||
if (req.method != "POST") {
|
||||
return jsonResponse({ error: "Method not allowed" }, 405);
|
||||
}
|
||||
|
||||
const supabaseUrl = Deno.env.get("SUPABASE_URL") ?? "";
|
||||
const anonKey = Deno.env.get("SUPABASE_ANON_KEY") ?? "";
|
||||
const serviceKey = Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") ?? "";
|
||||
if (!supabaseUrl || !anonKey || !serviceKey) {
|
||||
return jsonResponse({ error: "Missing env configuration" }, 500);
|
||||
}
|
||||
|
||||
const authHeader = req.headers.get("Authorization") ?? "";
|
||||
const token = authHeader.replace("Bearer ", "").trim();
|
||||
if (!token) {
|
||||
return jsonResponse({ error: "Missing access token" }, 401);
|
||||
}
|
||||
|
||||
const authClient = createClient(supabaseUrl, anonKey, {
|
||||
global: { headers: { Authorization: `Bearer ${token}` } },
|
||||
});
|
||||
const { data: authData, error: authError } =
|
||||
await authClient.auth.getUser();
|
||||
if (authError || !authData?.user) {
|
||||
return jsonResponse({ error: "Unauthorized" }, 401);
|
||||
}
|
||||
|
||||
const adminClient = createClient(supabaseUrl, serviceKey);
|
||||
const { data: profile, error: profileError } = await adminClient
|
||||
.from("profiles")
|
||||
.select("role")
|
||||
.eq("id", authData.user.id)
|
||||
.maybeSingle();
|
||||
const role = (profile?.role ?? "").toString().toLowerCase();
|
||||
if (profileError || role != "admin") {
|
||||
return jsonResponse({ error: "Forbidden" }, 403);
|
||||
}
|
||||
|
||||
let payload: Record<string, unknown> = {};
|
||||
try {
|
||||
payload = await req.json();
|
||||
} catch (_) {
|
||||
return jsonResponse({ error: "Invalid JSON" }, 400);
|
||||
}
|
||||
|
||||
const action = payload.action as string | undefined;
|
||||
const userId = payload.userId as string | undefined;
|
||||
if (!action || !userId) {
|
||||
return jsonResponse({ error: "Missing action or userId" }, 400);
|
||||
}
|
||||
|
||||
if (action == "get_user") {
|
||||
const { data, error } = await adminClient.auth.admin.getUserById(userId);
|
||||
if (error) {
|
||||
return jsonResponse({ error: error.message }, 400);
|
||||
}
|
||||
return jsonResponse({ user: data.user });
|
||||
}
|
||||
|
||||
if (action == "set_password") {
|
||||
const password = payload.password as string | undefined;
|
||||
if (!password || password.length < 8) {
|
||||
return jsonResponse({ error: "Password must be at least 8 characters" }, 400);
|
||||
}
|
||||
const { error } = await adminClient.auth.admin.updateUserById(userId, {
|
||||
password,
|
||||
});
|
||||
if (error) {
|
||||
return jsonResponse({ error: error.message }, 400);
|
||||
}
|
||||
return jsonResponse({ ok: true });
|
||||
}
|
||||
|
||||
if (action == "set_lock") {
|
||||
const locked = Boolean(payload.locked);
|
||||
const { error } = await adminClient.auth.admin.updateUserById(userId, {
|
||||
ban_duration: locked ? "100y" : "0s",
|
||||
});
|
||||
if (error) {
|
||||
return jsonResponse({ error: error.message }, 400);
|
||||
}
|
||||
return jsonResponse({ ok: true });
|
||||
}
|
||||
|
||||
return jsonResponse({ error: "Unknown action" }, 400);
|
||||
});
|
||||
Reference in New Issue
Block a user