feat(auth): include user role in session and me responses (#113)

gui.do / barazo-api

fork atom

Barazo AppView backend barazo.forum

fork atom

authored by

Guido X Jansen and committed by

GitHub 2 weeks ago 5459ed0a bb308739

+6 -4

1 changed file

expand all

src

routes

auth.ts

+6 -4

src/routes/auth.ts

··· 261 261 maxAge: sessionTtl, 262 262 }) 263 263 264 - // Fetch profile data (displayName, avatarUrl) from users table 264 + // Fetch profile data (displayName, avatarUrl, role) from users table 265 265 const userRows = await app.db 266 - .select({ displayName: users.displayName, avatarUrl: users.avatarUrl }) 266 + .select({ displayName: users.displayName, avatarUrl: users.avatarUrl, role: users.role }) 267 267 .from(users) 268 268 .where(eq(users.did, session.did)) 269 269 ··· 280 280 handle: session.handle, 281 281 displayName: userRows[0]?.displayName ?? null, 282 282 avatarUrl: userRows[0]?.avatarUrl ?? null, 283 + role: userRows[0]?.role ?? 'user', 283 284 crossPostScopesGranted: prefRows[0]?.crossPostScopesGranted ?? false, 284 285 }) 285 286 } catch (err: unknown) { ··· 329 330 return await reply.status(401).send({ error: 'Invalid or expired token' }) 330 331 } 331 332 332 - // Fetch profile data (displayName, avatarUrl) from users table 333 + // Fetch profile data (displayName, avatarUrl, role) from users table 333 334 const meUserRows = await app.db 334 - .select({ displayName: users.displayName, avatarUrl: users.avatarUrl }) 335 + .select({ displayName: users.displayName, avatarUrl: users.avatarUrl, role: users.role }) 335 336 .from(users) 336 337 .where(eq(users.did, session.did)) 337 338 ··· 346 347 handle: session.handle, 347 348 displayName: meUserRows[0]?.displayName ?? null, 348 349 avatarUrl: meUserRows[0]?.avatarUrl ?? null, 350 + role: meUserRows[0]?.role ?? 'user', 349 351 crossPostScopesGranted: mePrefRows[0]?.crossPostScopesGranted ?? false, 350 352 }) 351 353 } catch (err: unknown) {