tmiller/pokemon
1
0
Fork 1
Code Issues 4 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

[feat] override inventory access in .env

Browse Source
This commit is contained in:
Thad Miller
2026-04-09 14:21:26 -04:00
parent 9a8008fc92
commit ed049da3d2
2 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/middleware.ts
View File

@@ -1,11 +1,21 @@
import { clerkMiddleware, createRouteMatcher, clerkClient } from '@clerk/astro/server';
import type { MiddlewareNext } from 'astro';
import 'dotenv/config';
declare global {
namespace App {
interface Locals {
canAddInventory: boolean;
}
}
}
const isProtectedRoute = createRouteMatcher(['/pokemon']);
const isAdminRoute = createRouteMatcher(['/admin']);
const TARGET_ORG_ID = "org_3Baav9czkRLLlC7g89oJWqRRulK";
export const onRequest = clerkMiddleware(async (auth, context) => {
export const onRequest = clerkMiddleware(async (auth, context, next) => {
const { isAuthenticated, userId, redirectToSignIn, has } = auth();
if (!isAuthenticated && isProtectedRoute(context.request)) {
@@ -14,16 +24,18 @@ export const onRequest = clerkMiddleware(async (auth, context) => {
// ── Inventory visibility check ──────────────────────────────────────────────
// Resolves to true if the user belongs to the target org OR has the feature
const canAddInventory =
isAuthenticated &&
userId &&
const canAddInventory = process.env.INVENTORY_ACCESS === 'true' ||
(
has({ permission: "org:feature:inventory_add" }) || // Clerk feature flag
(await getUserOrgIds(context, userId)).includes(TARGET_ORG_ID)
isAuthenticated &&
userId &&
(
!!has({ permission: "org:feature:inventory_add" }) || // Clerk feature flag
(await getUserOrgIds(context, userId)).includes(TARGET_ORG_ID)
)
);
// Expose the flag to your Astro pages via locals
context.locals.canAddInventory = canAddInventory ?? false;
context.locals.canAddInventory = Boolean(canAddInventory);
// ── Admin route guard (unchanged) ───────────────────────────────────────────
if (isAdminRoute(context.request)) {
@@ -49,6 +61,8 @@ export const onRequest = clerkMiddleware(async (auth, context) => {
return context.redirect("/");
}
}
return next();
});
// ── Helper: fetch all org IDs the current user belongs to ───────────────────