
Commit c4a0fb8

committed
admin change
1 parent e43143e commit c4a0fb8


2 files changed

+36
-74
lines changed


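--- a/src/App.tsx
+++ b/src/App.tsx
@@ -1,9 +1,8 @@
-
 import { Toaster } from "@/components/ui/toaster";
 import { Toaster as Sonner } from "@/components/ui/sonner";
 import { TooltipProvider } from "@/components/ui/tooltip";
 import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
-import { BrowserRouter, Routes, Route, Navigate } from "react-router-dom";
+import { BrowserRouter, Routes, Route } from "react-router-dom";
 import { AuthProvider } from "./utils/auth";
 import AuthWrapper from "./components/AuthWrapper";
 
@@ -41,74 +40,74 @@ const App = () => (
 <Route path="/register" element={<Register />} />
 
 {/* Protected member routes */}
-<Route
-path="/dashboard"
+<Route
+path="/dashboard"
 element={
 <AuthWrapper requireAuth>
 <Dashboard />
 </AuthWrapper>
-}
+}
 />
-<Route
-path="/profile"
+<Route
+path="/profile"
 element={
 <AuthWrapper requireAuth>
 <Profile />
 </AuthWrapper>
-}
+}
 />
-<Route
-path="/community"
+<Route
+path="/community"
 element={
 <AuthWrapper requireAuth>
 <Community />
 </AuthWrapper>
-}
+}
 />
-<Route
-path="/meditations"
+<Route
+path="/meditations"
 element={
 <AuthWrapper requireAuth>
 <Meditations />
 </AuthWrapper>
-}
+}
 />
-<Route
-path="/analytics"
+<Route
+path="/analytics"
 element={
 <AuthWrapper requireAuth>
 <Analytics />
 </AuthWrapper>
-}
+}
 />
-<Route
-path="/map"
+<Route
+path="/map"
 element={
 <AuthWrapper requireAuth>
 <Map />
 </AuthWrapper>
-}
+}
 />
 
 {/* Admin routes */}
-<Route
-path="/admin"
+<Route
+path="/admin"
 element={
 <AuthWrapper requireAuth requireAdmin>
 <Admin />
 </AuthWrapper>
-}
+}
 />
 
-<Route
-path="/goodbye"
+<Route
+path="/goodbye"
 element={
 <AuthWrapper requireAuth>
 <Goodbye />
 </AuthWrapper>
-}
+}
 />
-
+
 {/* Catch-all route */}
 <Route path="*" element={<NotFound />} />
 </Routes>
@@ -120,4 +119,4 @@ const App = () => (
 </QueryClientProvider>
 );
 
-export default App;
+export default App;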

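--- a/src/utils/firebase.ts
+++ b/src/utils/firebase.ts
@@ -63,62 +63,25 @@ export { app, auth, db };
 // Secure way to check for admin permissions
 // This function uses a hash comparison approach to avoid exposing the email directly
 export const isUserAdmin = async (email: string): Promise<boolean> => {
-if (!db) return false;
-
+if (!db) {
+console.error("Firebase db not initialized");
+return false;
+}
+
 try {
-// First approach: Check if user has admin role in their profile
+// Query the Firestore users collection to check if the user with the given email has the role "admin"
 const usersRef = collection(db, 'users');
 const q = query(usersRef, where('email', '==', email), where('role', '==', 'admin'));
 const querySnapshot = await getDocs(q);
-
-if (!querySnapshot.empty) {
-return true;
-}
-
-// Second approach: Check against admins collection
-const adminsRef = collection(db, 'admins');
-const adminDoc = await getDoc(doc(adminsRef, 'authorized_emails'));
-
-if (adminDoc.exists() && adminDoc.data().emails) {
-return adminDoc.data().emails.includes(email);
-}
-
-// Fallback to hardcoded verification (using a hashed comparison for security)
-// This allows initial admin setup even if collections don't exist yet
-const adminHash = 'b42a70c370ad4562dbd5166f1275324fa254299f'; // SHA1 hash of "[email protected]"
-const emailHash = await sha1(email.trim().toLowerCase());
-
-return emailHash === adminHash;
+
+// If the query returns any documents, the user is an admin
+return !querySnapshot.empty;
 } catch (error) {
 console.error('Error checking admin status:', error);
 return false;
 }
 };
 
-// Utility function to create SHA-1 hash for email comparison
-// This prevents exposing the actual admin email in the code
-async function sha1(str: string): Promise<string> {
-const buffer = new TextEncoder().encode(str);
-const hashBuffer = await crypto.subtle.digest('SHA-1', buffer);
-const hashArray = Array.from(new Uint8Array(hashBuffer));
-return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
-}
-
-// Admin setup function (should be called once to set up the admin in Firestore)
-export const setupAdminUser = async () => {
-if (!db) return;
-
-try {
-const adminsRef = collection(db, 'admins');
-await setDoc(doc(adminsRef, 'authorized_emails'), {
-emails: ['[email protected]']
-});
-
-console.log('Admin setup complete');
-} catch (error) {
-console.error('Error setting up admin:', error);
-}
-};
 
 // Auth functions with conditional checks to prevent errors
 export const login = async (email: string, password: string) => {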
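Review bot: After this change `isUserAdmin` grants admin solely on a `users` document matching the caller-supplied `email` with `role == 'admin'`, so the check is only as strong as the Firestore rules on `users`, which are not visible in this diff. If a signed-in user can create or update their own `users` document including `role`, the query would return true for them; the rules should deny client writes to `role`, and the lookup would be better keyed on the authenticated uid than on an email string. Because this runs in the browser it should be treated as a UI hint only, with the real enforcement in security rules or custom claims. The context comment above the function still describes a hash comparison that this commit removes; I would replace it with `// Checks whether a users document with this email has role "admin" (UI gating only; enforce in Firestore rules)`. The removed fallback normalised with `email.trim().toLowerCase()` while the query passes `email` through as given, so confirm that stored `email` values and caller input use the same casing.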
