feat: implement one-time admin token generation and upgrade process

This commit is contained in:
averel10
2026-03-13 08:11:40 +01:00
parent b9f6836f1a
commit cda21a60ec
6 changed files with 235 additions and 5 deletions

View File

@@ -0,0 +1,30 @@
'use server';
import { auth } from '@/lib/auth';
import db from '@/lib/db';
import { user } from '@/lib/model/auth-schema';
import { eq } from 'drizzle-orm';
import { headers } from 'next/headers';
import { verifyAdminToken } from './verify-admin-token';
export async function setUserAsAdmin(email: string, adminToken: string): Promise<{ success: boolean; error?: string }> {
// Verify the token is valid
const tokenResult = await verifyAdminToken(adminToken);
if (!tokenResult.valid) {
return { success: false, error: 'Invalid or expired admin token' };
}
try {
// Update user admin flag
await db.update(user).set({ admin: true }).where(eq(user.email, email));
// Clear the token so it can't be used again
delete process.env.ADMIN_SIGNUP_TOKEN;
return { success: true };
} catch (error) {
console.error('Error setting admin:', error);
return { success: false, error: 'Failed to set admin status' };
}
}

View File

@@ -0,0 +1,14 @@
'use server';
export async function verifyAdminToken(token: string): Promise<{ valid: boolean }> {
const storedToken = process.env.ADMIN_SIGNUP_TOKEN;
// Token is invalid if:
// 1. No token exists (already used or no token was generated)
// 2. Provided token doesn't match
if (!storedToken || token !== storedToken) {
return { valid: false };
}
return { valid: true };
}