feat: add role-based access control for admin panel authentication

This commit is contained in:
Buğra
2025-07-10 13:02:52 +03:00
parent fc6a9a5bcd
commit 5633ec92a1
2 changed files with 26 additions and 1 deletions
+24 -1
View File
@@ -11,15 +11,38 @@
<!-- Include the script that builds the page and powers Decap CMS -->
<script src="https://unpkg.com/decap-cms@^3.0.0/dist/decap-cms.js"></script>
<script>
// Initialize Netlify Identity widget
// Initialize Netlify Identity widget with role checking
if (window.netlifyIdentity) {
window.netlifyIdentity.on('init', (user) => {
if (!user) {
window.netlifyIdentity.on('login', () => {
document.location.href = '/admin/';
});
} else {
// Check if user has required roles
checkUserRole(user);
}
});
window.netlifyIdentity.on('login', (user) => {
checkUserRole(user);
});
}
function checkUserRole(user) {
const allowedRoles = ['admin', 'editor'];
const userRoles = user.app_metadata?.roles || [];
// Check if user has any of the allowed roles
const hasAccess = allowedRoles.some(role => userRoles.includes(role));
if (!hasAccess) {
// User doesn't have required roles
alert('Erişim reddedildi. Bu alanı kullanmak için yönetici izni gereklidir.');
window.netlifyIdentity.logout();
window.location.href = '/';
return;
}
}
</script>
</body>