continued the kita-planer
+12
-5
@@ -8,7 +8,7 @@ import { prisma } from "@/lib/prisma";
|
||||
// =====================================================================
|
||||
// NextAuth.js (Auth.js v5) · Credentials-Provider mit JWT-Strategie
|
||||
// ---------------------------------------------------------------------
|
||||
// Mandantenfähigkeit: `id`, `role`, `kitaId` werden über die JWT-/Session-
|
||||
// Mandantenfähigkeit: `id`, `role`, `kitaId`, `familyId` werden über die JWT-/Session-
|
||||
// Callbacks aus der DB in jede Session durchgeschleift, damit jede
|
||||
// Server Action / API-Route den Tenant-Filter setzen kann.
|
||||
// =====================================================================
|
||||
@@ -80,6 +80,7 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
|
||||
name: `${user.firstName} ${user.lastName}`.trim(),
|
||||
role: user.role,
|
||||
kitaId: user.kitaId,
|
||||
familyId: user.familyId,
|
||||
};
|
||||
},
|
||||
}),
|
||||
@@ -97,22 +98,27 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
|
||||
token.id = user.id;
|
||||
token.role = user.role;
|
||||
token.kitaId = user.kitaId;
|
||||
token.familyId = user.familyId;
|
||||
return token;
|
||||
}
|
||||
|
||||
if (token.id) {
|
||||
const tokenUserId = token.id ?? token.sub;
|
||||
if (tokenUserId) {
|
||||
const fresh = await prisma.user.findUnique({
|
||||
where: { id: token.id },
|
||||
select: { role: true, kitaId: true },
|
||||
where: { id: tokenUserId },
|
||||
select: { role: true, kitaId: true, familyId: true },
|
||||
});
|
||||
if (!fresh) {
|
||||
// User wurde gelöscht → Token entwerten.
|
||||
// (Auth.js erkennt den fehlenden `sub`/`id` und meldet ab.)
|
||||
delete (token as Partial<typeof token>).id;
|
||||
delete (token as Partial<typeof token>).sub;
|
||||
return token;
|
||||
}
|
||||
token.id = tokenUserId;
|
||||
token.role = fresh.role;
|
||||
token.kitaId = fresh.kitaId;
|
||||
token.familyId = fresh.familyId;
|
||||
}
|
||||
|
||||
return token;
|
||||
@@ -125,9 +131,10 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
|
||||
*/
|
||||
async session({ session, token }) {
|
||||
if (token && session.user) {
|
||||
session.user.id = token.id;
|
||||
session.user.id = token.id ?? token.sub;
|
||||
session.user.role = token.role;
|
||||
session.user.kitaId = token.kitaId;
|
||||
session.user.familyId = token.familyId;
|
||||
}
|
||||
return session;
|
||||
},
|
||||
|
||||
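Review bot: In the `if (!fresh)` branch of the jwt callback only `id` and `sub` are deleted, so the token of a removed user still carries `role`, `kitaId` and the newly added `familyId`, and the `session` callback copies all three into `session.user` without checking that an id is present. Any server action or route that builds its tenant filter from `session.user.kitaId` or `session.user.familyId` without also requiring `session.user.id` would keep treating that token as a valid tenant member. Clear the claims in the same branch, e.g. `delete (token as Partial<typeof token>).role;` and the same for `kitaId` and `familyId`, and guard the copy in `session` with `if (token && session.user && (token.id ?? token.sub))`. Whether Auth.js really signs the user out on a missing `sub`/`id`, as the comment states, is not visible here and should be verified; if the installed version supports it, returning `null` from the callback would be the more direct way to invalidate the session. The jwt callback's signature lies outside the hunk.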