JWT only for admins
carletex committed Feb 16, 2024
1 parent 02a96e3 commit 899e282
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions packages/nextjs/app/api/auth/siwe/route.tsx
@@ -1,14 +1,15 @@
import jwt from "jsonwebtoken";
import { verifyMessage } from "viem";
import { findUserByAddress } from "~~/services/database/users";

// import { findUserByAddress } from "~~/services/database/users";

// ToDo. Only for admins?
export async function POST(request: Request) {
const { signature, address } = await request.json();
if (!process.env.JWT_SECRET) return new Response("Internal Server Error: JWT", { status: 500 });
if (!signature || !address) return new Response("Bad Request", { status: 400 });

const user = await findUserByAddress(address);
if (!user.exists || user.data?.role !== "admin") return new Response("Unauthorized", { status: 401 });

const signedMessage = `I want to sign in to grants.buidlguidl.com as ${address}`;
const isMessageValid = await verifyMessage({ message: signedMessage, signature, address });
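Review bot: The added role check (`const user = await findUserByAddress(address);` and the `Unauthorized` return after it) runs before `verifyMessage`, on an `address` that has only been tested for truthiness, so the database is queried and the admin question answered for callers who have not yet proven control of that address. I would reject malformed input first with `if (!isAddress(address)) return new Response("Bad Request", { status: 400 });` (`isAddress` comes from `viem`, which is already imported) and move the two added lines below the signature check, so the lookup happens only for a verified address. If the failed-signature branch returns a different status or body than this 401, the current order also lets an unauthenticated client tell admin addresses from others; that branch is outside the hunk, so this needs confirming. It is also worth checking that `findUserByAddress` normalises address casing, otherwise a checksummed and a lowercase form of the same admin address may not match. The body of `POST` continues past the end of this hunk.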
