bas/solelog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): include role in /api/me + allow admin origin in CORS

Browse Source 
Add `role: Role` to the shared `PublicUser` contract and return it from
`GET /api/me` (defaulting to 'worker' when the session user has no role).
This lets the planned admin app gate access by role.

Also add the admin dev origin `http://localhost:5174` to the default
`WEB_ORIGINS` (env.ts) and to `.env.example`, so the admin SPA on :5174 can
reach the API at :3000 cross-origin (drives both hono/cors and better-auth
trustedOrigins).
This commit is contained in:
Bas van Rossem
2026-06-17 18:53:39 +02:00
parent bb0a0b2a57
commit 02b7522b87
6 changed files with 50 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/shared/src/index.ts
View File

@@ -5,10 +5,14 @@ export const HealthResponse = z.object({
});
export type HealthResponse = z.infer<typeof HealthResponse>;
export const Role = z.enum(['worker', 'admin']);
export type Role = z.infer<typeof Role>;
export const PublicUser = z.object({
id: z.string(),
email: z.string().email(),
name: z.string(),
role: Role,
});
export type PublicUser = z.infer<typeof PublicUser>;
@@ -20,9 +24,6 @@ export type MeResponse = z.infer<typeof MeResponse>;
export const InsoleType = z.enum(['Kurk', 'Berk', '3D']);
export type InsoleType = z.infer<typeof InsoleType>;
export const Role = z.enum(['worker', 'admin']);
export type Role = z.infer<typeof Role>;
export const Activity = z.object({
id: z.number().int(),
name: z.string(),