Merge branch 'main' into 30-landing-page

HACC-2023 · Nov 11, 2023 · 5bd8373 · 5bd8373
2 parents 1d8ceac + 8d978ea
commit 5bd8373
Show file tree

Hide file tree

Showing 4 changed files with 186 additions and 133 deletions.
diff --git a/my-app/src/components/navbar/MobileNavbar.jsx b/my-app/src/components/navbar/MobileNavbar.jsx
@@ -5,6 +5,7 @@ import { useSession } from 'next-auth/react';
 // TODO switch to logout instead of org page if logged in?
 const MobileNavbar = () => {
   const { data: session, status } = useSession();
+  console.log(session);
   return (
     <div className="btm-nav md:hidden">
       <Link href="/home" className="hover:brightness-125 hover:bg-accent/10 transition-all">

diff --git a/my-app/src/middleware.js b/my-app/src/middleware.js
@@ -4,21 +4,17 @@ import { ROLES } from "./roles/roles";
 // Without a defined matcher, this one line applies next-auth to entire project
 // export { default } from "next-auth/middleware"
 
-export const ADMIN_ROUTES = [
-  "/admin",
-];
+export const ADMIN_ROUTES = ["/admin"];
 
-export const ORG_ADMIN_ROUTES = [
-  "/organization",
-]
+export const ORG_ADMIN_ROUTES = ["/organization"];
 
 export const MEMBER_ROUTES = [
   "/data-insights",
   "/events",
   "/home",
   "/thread",
   "/threads",
-]
+];
 
 export default withAuth(
   function middleware(request) {
@@ -28,12 +24,16 @@ export default withAuth(
       ADMIN_ROUTES.some((path) => request.nextUrl.pathname.startsWith(path)) &&
       request.nextauth.token?.role !== ROLES.ADMIN
     ) {
+      console.log("hello admin");
       return NextResponse.rewrite(new URL("/denied", request.url));
     }
 
     if (
-      ORG_ADMIN_ROUTES.some((path) => request.nextUrl.pathname.startsWith(path)) &&
-      request.nextauth.token?.role !== (ROLES.ORG_ADMIN || ROLES.ADMIN)
+      ORG_ADMIN_ROUTES.some((path) =>
+        request.nextUrl.pathname.startsWith(path)
+      ) &&
+      request.nextauth.token?.role !== ROLES.ORG_ADMIN &&
+      request.nextauth.token?.role !== ROLES.ADMIN
     ) {
       return NextResponse.rewrite(new URL("/denied", request.url));
     }

diff --git a/my-app/src/pages/api/auth/options.js b/my-app/src/pages/api/auth/options.js
@@ -2,6 +2,7 @@ import CredentialsProvider from "next-auth/providers/credentials";
 import connectDB from "@/lib/mongodb";
 import User from "@/models/user";
 import bcrypt from "bcryptjs";
+import Organization from "@/models/organization";
 
 // TODO: need to add MongoDB for user accounts. Temporarily using process.env
 export const options = {
@@ -27,11 +28,15 @@ export const options = {
           await connectDB();
           console.log("email", email);
           const user = await User.findOne({ email: email });
-          const users = await User.find({});
-          console.log("all users:", users);
+          const userOrganization = await Organization.findById(user.orgId);
+          // console.log("userOrganization:", userOrganization);
+          console.log("user", user);
           console.log("user:", user);
+          console.log("userOrganization", userOrganization.name);
+          const authorizedUser = { ...user._doc, orgName: userOrganization.name };
+          console.log("authorizedUser:", authorizedUser);
 
-          if (!user) {
+          if (!user || !userOrganization) {
             return null;
           }
 
@@ -42,7 +47,7 @@ export const options = {
             return null;
           }
 
-          return user;
+          return authorizedUser;
         } catch (error) {
           console.log("Error: ", error);
         }
@@ -58,7 +63,7 @@ export const options = {
         token.image = user.image;
         token.role = user.role;
         token.orgId = user.orgId;
-
+        token.orgName = user.orgName;
       }
       return token;
     },
@@ -70,14 +75,14 @@ export const options = {
         session.user.image = token.image;
         session.user.role = token.role;
         session.user.orgId = token.orgId;
-
+        session.user.orgName = token.orgName;
       }
       return session;
     },
   },
   pages: {
     signIn: "/auth/credentials-signin",
-    error: "/auth/signin"
+    error: "/auth/signin",
     // error: "/auth/error",
     // Error code passed in query string as ?error=
   },