feat: add role-based access control for admin panel authentication

This commit is contained in:
Buğra
2025-07-10 13:02:52 +03:00
parent fc6a9a5bcd
commit 5633ec92a1
2 changed files with 26 additions and 1 deletions
+2
View File
@@ -5,6 +5,8 @@ backend:
accept_roles: # ← the magic line accept_roles: # ← the magic line
- admin - admin
- editor - editor
# Explicitly block users without roles
squash_merges: true
media_folder: 'src/assets/images' media_folder: 'src/assets/images'
public_folder: '/_astro' public_folder: '/_astro'
+24 -1
View File
@@ -11,15 +11,38 @@
<!-- Include the script that builds the page and powers Decap CMS --> <!-- Include the script that builds the page and powers Decap CMS -->
<script src="https://unpkg.com/decap-cms@^3.0.0/dist/decap-cms.js"></script> <script src="https://unpkg.com/decap-cms@^3.0.0/dist/decap-cms.js"></script>
<script> <script>
// Initialize Netlify Identity widget // Initialize Netlify Identity widget with role checking
if (window.netlifyIdentity) { if (window.netlifyIdentity) {
window.netlifyIdentity.on('init', (user) => { window.netlifyIdentity.on('init', (user) => {
if (!user) { if (!user) {
window.netlifyIdentity.on('login', () => { window.netlifyIdentity.on('login', () => {
document.location.href = '/admin/'; document.location.href = '/admin/';
}); });
} else {
// Check if user has required roles
checkUserRole(user);
} }
}); });
window.netlifyIdentity.on('login', (user) => {
checkUserRole(user);
});
}
function checkUserRole(user) {
const allowedRoles = ['admin', 'editor'];
const userRoles = user.app_metadata?.roles || [];
// Check if user has any of the allowed roles
const hasAccess = allowedRoles.some(role => userRoles.includes(role));
if (!hasAccess) {
// User doesn't have required roles
alert('Erişim reddedildi. Bu alanı kullanmak için yönetici izni gereklidir.');
window.netlifyIdentity.logout();
window.location.href = '/';
return;
}
} }
</script> </script>
</body> </body>