import { NextRequest, NextResponse } from 'next/server';
import { Role } from '@/prisma/generated/client';
import db from '@/lib/db';
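/**
 * Returns the `email` field of a parsed JSON body when it is a non-empty
 * string, otherwise `undefined`.
 *
 * The body comes straight from the client, so it is treated as `unknown` and
 * narrowed here instead of being destructured blindly; a non-string `email`
 * (number, object, array) is rejected up front rather than being handed to
 * the database lookup.
 *
 * @param body - whatever `request.json()` produced
 * @returns the trimmed-type-safe email, or `undefined` if absent/invalid
 */
function extractEmail(body: unknown): string | undefined {
  if (typeof body !== 'object' || body === null) {
    return undefined;
  }
  const candidate = (body as Record<string, unknown>).email;
  return typeof candidate === 'string' && candidate.length > 0 ? candidate : undefined;
}

/**
 * POST handler that looks up the user whose e-mail is given in the JSON body
 * and reports whether that account holds the `Role.Admin` role.
 *
 * Response contract:
 *   400 - body is not valid JSON, or `email` is missing / empty / not a string
 *   404 - no user record matches the e-mail
 *   403 - a user exists but its `role` is not `Role.Admin`
 *   200 - `{ success: true, user: { id, name, role } }`
 *   500 - any other failure (e.g. the database call throwing); details are
 *         logged server-side and not echoed to the client
 *
 * NOTE(review): `email` is supplied by the client and nothing in this handler
 * ties it to an authenticated session. Because 404 and 403 are distinct
 * outcomes, a caller can learn whether an arbitrary address has an account and
 * whether it is an administrator, and the 200 response discloses the user's
 * `id` and `name`. If this route gates admin access, the identity should come
 * from the session rather than the request body — confirm what the caller and
 * any surrounding middleware do before relying on this as an authorization check.
 *
 * @param request - the incoming Next.js request; only its JSON body is read
 * @returns a JSON `NextResponse` as described above
 */
export async function POST(request: NextRequest) {
  try {
    // A malformed body is a client error, so it is reported as 400 instead of
    // falling through to the generic 500 below.
    let body: unknown;
    try {
      body = await request.json();
    } catch {
      return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 });
    }

    const email = extractEmail(body);
    if (!email) {
      return NextResponse.json({ error: 'Email is required' }, { status: 400 });
    }

    // Only the fields needed for the decision and the response are selected.
    const user = await db.user.findUnique({
      where: { email },
      select: { role: true, name: true, id: true },
    });

    if (!user) {
      return NextResponse.json(
        { error: 'User not found in database' },
        { status: 404 }
      );
    }

    if (user.role !== Role.Admin) {
      return NextResponse.json(
        {
          error:
            'Access denied. Only administrators can access this application.',
        },
        { status: 403 }
      );
    }

    return NextResponse.json({
      success: true,
      user: {
        id: user.id,
        name: user.name,
        role: user.role,
      },
    });
  } catch (error: unknown) {
    // Log the full error for operators; the client only sees a generic message.
    console.error('Role check error:', error);
    return NextResponse.json(
      { error: 'Internal server error' },
      { status: 500 }
    );
  }
}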