import { createClient } from "https://esm.sh/@supabase/supabase-js@2";
// Helper para validar JWT e extrair user_id
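/**
 * Authenticates an incoming request from its `Authorization: Bearer <jwt>` header.
 *
 * The token is verified by asking Supabase Auth for the user it belongs to, and
 * the user's role is then read from the `user_roles` table.
 *
 * @param req - Incoming HTTP request.
 * @returns The authenticated user's id and role, or `null` when the header is
 *   missing or malformed, the token is rejected, or the role lookup fails.
 *   A user with no `user_roles` row gets the role `"patient"`.
 * @throws Error when no service key is configured in the environment, so a
 *   misconfigured deployment fails loudly instead of looking like a 401.
 */
export async function validateAuth(
  req: Request
): Promise<{ userId: string; role: string } | null> {
  const bearerPrefix = "Bearer ";
  const authHeader = req.headers.get("Authorization");

  if (!authHeader || !authHeader.startsWith(bearerPrefix)) {
    return null;
  }

  // Remove only the leading scheme; String.replace would also work here but
  // hides the intent. An empty credential is rejected without a network call.
  const token = authHeader.slice(bearerPrefix.length).trim();
  if (!token) {
    return null;
  }

  // NOTE(review): the hard-coded project URL is kept for backward compatibility.
  // With SUPABASE_URL unset, the service key is silently sent to this fixed
  // project; consider requiring the variable and dropping the fallback.
  const MY_URL =
    Deno.env.get("SUPABASE_URL") || "https://etblfypcxxtvvuqjkrgd.supabase.co";
  const MY_KEY =
    Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") ||
    Deno.env.get("SUPABASE_SERVICE_KEY");

  // The original non-null assertion only silenced the compiler; check at runtime.
  if (!MY_KEY) {
    throw new Error(
      "validateAuth: SUPABASE_SERVICE_ROLE_KEY (or SUPABASE_SERVICE_KEY) is not set"
    );
  }

  // This client carries the service-role key, which bypasses Row Level Security.
  // Keep it local to this function and never run caller-shaped queries on it.
  // Session persistence and token refresh are browser features, so both are off.
  const supabase = createClient(MY_URL, MY_KEY, {
    auth: { persistSession: false, autoRefreshToken: false },
  });

  // Verify the token with Supabase Auth.
  const {
    data: { user },
    error,
  } = await supabase.auth.getUser(token);

  if (error || !user) {
    return null;
  }

  // Look up the user's role. maybeSingle() returns null data without an error
  // when no row exists, so an error here means the query itself failed.
  const { data: userRole, error: roleError } = await supabase
    .from("user_roles")
    .select("role")
    .eq("user_id", user.id)
    .maybeSingle();

  // Fail closed: an unreadable role must not silently become the default role.
  if (roleError) {
    console.error("validateAuth: role lookup failed:", roleError.message);
    return null;
  }

  return {
    userId: user.id,
    role: userRole?.role || "patient",
  };
}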
// Helper para verificar permissões
/**
 * Reports whether a user's role is among the roles allowed for an operation.
 *
 * Matching is an exact, case-sensitive string comparison. An empty
 * `requiredRoles` list therefore permits nobody.
 *
 * @param userRole - Role of the caller, e.g. as returned by `validateAuth`.
 * @param requiredRoles - Roles that are allowed to proceed.
 * @returns `true` when `userRole` appears in `requiredRoles`.
 */
export function hasPermission(
  userRole: string,
  requiredRoles: string[]
): boolean {
  for (const allowedRole of requiredRoles) {
    if (allowedRole === userRole) {
      return true;
    }
  }
  return false;
}