Auth & Permissions

requireAuth Middleware

Add requireAuth to routes that need authentication:

```typescript
import { requireAuth } from "@/middleware/auth"

todosRouter.get("/list", requireAuth, async (req, res) => {
  const { user_id } = req.user!
  // ...
})
```

The middleware will:

  1. Extract the JWT from the Authorization: Bearer {token} header
  2. Verify that the token is valid
  3. Set req.user (see Request Context below)
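The three steps above, carried out end to end as an added example (this is not the project's own requireAuth; the Req/Res shapes, the factory signature, the secret and the sample claims are assumptions). The verifier pins the algorithm to HS256, compares the signature in constant time and checks exp before any claim is trusted, which is where a hand-rolled verifier usually goes wrong:

```typescript
// Added example (not the project's own middleware): a requireAuth-style
// guard with an HS256 JWT verifier built on Node's crypto module. The
// Req/Res shapes, the factory signature and the secret are assumptions.
import { createHmac, timingSafeEqual } from "crypto"

// Mirrors the req.user structure documented on this page.
interface AuthUser {
  user_id: string
  email: string
  role: string
}

// Minimal stand-ins for Express's Request/Response (assumption).
interface Req {
  headers: Record<string, string | undefined>
  user?: AuthUser
}
interface Res {
  statusCode?: number
  body?: unknown
}
type Next = () => void

class AuthError extends Error {}

// JWTs use unpadded base64url; Node's Buffer speaks standard base64.
const toB64Url = (buf: Buffer): string =>
  buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "")
const fromB64Url = (s: string): Buffer =>
  Buffer.from(s.replace(/-/g, "+").replace(/_/g, "/"), "base64")

// Issues an HS256 token. Present only so the example can build inputs;
// the app's real token issuer is not shown on the page.
function signHs256(claims: object, secret: string): string {
  const header = toB64Url(Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })))
  const payload = toB64Url(Buffer.from(JSON.stringify(claims)))
  const sig = toB64Url(createHmac("sha256", secret).update(`${header}.${payload}`).digest())
  return `${header}.${payload}.${sig}`
}

// Step 2 of the middleware: pin the algorithm, compare the signature in
// constant time, reject expired tokens, and only then read the claims.
function verifyHs256(token: string, secret: string, nowSec: number): AuthUser {
  const parts = token.split(".")
  if (parts.length !== 3) throw new AuthError("Malformed token")
  const [h, p, s] = parts
  const header = JSON.parse(fromB64Url(h).toString("utf8"))
  if (header.alg !== "HS256") throw new AuthError("Unexpected alg")
  const expected = createHmac("sha256", secret).update(`${h}.${p}`).digest()
  const given = fromB64Url(s)
  if (expected.length !== given.length || !timingSafeEqual(expected, given)) {
    throw new AuthError("Bad signature")
  }
  const claims = JSON.parse(fromB64Url(p).toString("utf8"))
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) throw new AuthError("Token expired")
  for (const k of ["user_id", "email", "role"]) {
    if (typeof claims[k] !== "string") throw new AuthError(`Missing claim: ${k}`)
  }
  return { user_id: claims.user_id, email: claims.email, role: claims.role }
}

// Steps 1 and 3: pull the bearer token from the Authorization header,
// verify it, set req.user and call next(); any failure ends in a 401.
function makeRequireAuth(secret: string, clock: () => number = () => Math.floor(Date.now() / 1000)) {
  return (req: Req, res: Res, next: Next): void => {
    const m = /^Bearer\s+(\S+)$/i.exec(req.headers["authorization"] ?? "")
    if (!m) {
      res.statusCode = 401
      res.body = { error: "Missing bearer token" }
      return
    }
    try {
      req.user = verifyHs256(m[1], secret, clock())
      next()
    } catch (e) {
      res.statusCode = 401
      res.body = { error: e instanceof AuthError ? e.message : "Unauthorized" }
    }
  }
}
```

The clock is injected so expiry can be tested deterministically; in a real deployment the secret comes from configuration, never from source, and a token whose header names any algorithm other than the one the server expects is rejected before its signature is even looked at.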

Request Context

```typescript
// req.user structure (interface name is illustrative)
interface AuthUser {
  user_id: string    // User ID
  email: string      // Primary email
  role: string       // System role: owner / member
}
```

Roles

| Role   | Source     | Description                          |
|--------|------------|--------------------------------------|
| owner  | users.role | System admin, can access admin panel |
| member | users.role | Regular user (default)               |

Permission Check

```typescript
router.get("/admin-only", requireAuth, async (req, res) => {
  if (req.user!.role !== "owner") {
    return sendError(res, 403, "Requires admin access")
  }
  // Admin logic
})
```

Admin Management

```bash
npm run owner:set your@email.com     # Set admin
npm run owner:remove your@email.com  # Remove admin
npm run owner:list                   # List admins
```

Frontend Menu Filtering

Admin pages live under src/routes/_app/owner/. The sidebar filters menu items by user.role — only users with role owner see the admin entries.
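The Permission Check route above and the sidebar filtering described here are the same role decision made in two places. The following added example (not the project's own code; the Req/Res shapes, the sendError stand-in, the requireRole factory and the sample menu are assumptions) turns the inline role test into a reusable server-side guard and pairs it with the client-side filter, making the division of labour explicit: the menu filter only decides what is shown, the guard is what actually refuses the request.

```typescript
// Added example: a reusable role guard for the server and the matching
// sidebar filter for the client. Not the project's own code; the
// request/response shapes, sendError and the menu items are assumptions.

interface AuthUser { user_id: string; email: string; role: string }
interface Req { user?: AuthUser }
interface Res { statusCode?: number; body?: unknown }

// Stand-in for the page's sendError(res, status, message) helper (assumption).
function sendError(res: Res, status: number, message: string): void {
  res.statusCode = status
  res.body = { error: message }
}

// Server side: returns a guard that lets the request through only when
// req.user (set earlier by requireAuth) carries one of the allowed roles.
// A missing req.user means requireAuth did not run, so answer 401, not 403.
function requireRole(...allowed: string[]): (req: Req, res: Res) => boolean {
  return (req, res) => {
    if (!req.user) {
      sendError(res, 401, "Authentication required")
      return false
    }
    if (!allowed.includes(req.user.role)) {
      sendError(res, 403, "Requires admin access")
      return false
    }
    return true
  }
}

// The page's owner check, expressed through the factory.
const requireOwner = requireRole("owner")

// Client side: menu items declare the roles that may see them; items with
// no `roles` are visible to everyone. This only hides entries in the UI;
// the route behind each entry is still enforced by requireOwner above.
interface MenuItem { label: string; path: string; roles?: string[] }

const MENU: MenuItem[] = [            // constructed sample menu
  { label: "Todos", path: "/todos" },
  { label: "Settings", path: "/settings" },
  { label: "Admin", path: "/owner", roles: ["owner"] },
]

function visibleMenu(items: MenuItem[], user: AuthUser | undefined): MenuItem[] {
  const role = user?.role
  return items.filter(item => !item.roles || (role !== undefined && item.roles.includes(role)))
}
```

Keeping the allowed roles in one place on the server means a user who edits the client bundle to show the Admin entry gains nothing: the request to the owner-only route still meets requireOwner and gets a 403.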