/* eslint-disable @typescript-eslint/no-explicit-any */
import { NextRequest, NextResponse } from 'next/server'
import { createClient } from '@/lib/supabase/server'
import { createAdminClient } from '@/lib/supabase/server'
/**
 * Resolves the caller from the request-scoped Supabase client and returns the
 * user only when their `profiles` row carries the `admin` role.
 *
 * Fails closed: an auth error, a missing user, a missing profile row or any
 * role other than `admin` all yield `null`, so the caller cannot distinguish
 * "not signed in" from "signed in but not admin".
 *
 * @returns the authenticated admin user, or `null` when access must be denied.
 */
async function assertAdmin() {
  const client = await createClient()

  const { data, error: authError } = await client.auth.getUser()
  const currentUser = data.user
  if (authError || !currentUser) return null

  // The role is read from the profiles table, not from the token or from
  // user metadata. The client is cast to `any` to bypass the typed query builder.
  // NOTE(review): this check is only as strong as the write protection on
  // profiles.role — confirm that a user cannot update their own role.
  const untypedClient = client as any
  const lookup = await untypedClient
    .from('profiles')
    .select('role')
    .eq('id', currentUser.id)
    .single()

  // A failed lookup leaves `data` empty, so the comparison below denies access.
  return lookup.data?.role === 'admin' ? currentUser : null
}
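/**
 * Admin-only endpoint that creates a Supabase Auth account for a new
 * `admin` or `formateur` user.
 *
 * Flow: authorize the caller, validate the JSON body, then create the account
 * with the service-role (admin) client. The account is created with
 * `email_confirm: true`, so no confirmation e-mail round trip is required.
 *
 * The request body is untrusted: every field is checked to be a string before
 * any string method is called on it, so malformed JSON or wrongly typed fields
 * produce a 400 instead of falling through to the generic 500 handler.
 *
 * @param request - incoming request whose JSON body carries `email`,
 *   `password`, `username` and `role`.
 * @returns 403 when the caller is not an admin, 400 on invalid input or when
 *   account creation is rejected, 500 on an unexpected failure, otherwise a
 *   JSON payload describing the created user (never the password).
 */
export async function POST(request: NextRequest) {
  try {
    // Authorization comes first: the body is not even parsed for non-admins.
    const caller = await assertAdmin()
    if (!caller) return NextResponse.json({ error: 'Accès refusé' }, { status: 403 })

    // Malformed JSON, `null` or a non-object body is treated as "no fields",
    // which the required-field check below rejects with a 400.
    const body: unknown = await request.json().catch(() => null)
    const fields: Record<string, unknown> =
      typeof body === 'object' && body !== null ? (body as Record<string, unknown>) : {}
    const { email, password, username, role } = fields

    if (
      typeof email !== 'string' ||
      typeof password !== 'string' ||
      typeof username !== 'string' ||
      !email.trim() ||
      !password.trim() ||
      !username.trim()
    ) {
      return NextResponse.json({ error: 'Email, mot de passe et nom d\'utilisateur sont requis' }, { status: 400 })
    }
    // Allow-list of roles this endpoint may assign; anything else is rejected.
    if (typeof role !== 'string' || !['admin', 'formateur'].includes(role)) {
      return NextResponse.json({ error: 'Rôle invalide' }, { status: 400 })
    }
    if (password.length < 8) {
      return NextResponse.json({ error: 'Le mot de passe doit contenir au moins 8 caractères' }, { status: 400 })
    }

    // Service-role client: used only after the caller and the input are validated.
    const admin = createAdminClient()

    // Create the Supabase Auth user (the handle_new_user trigger will create the profile).
    // NOTE(review): the role travels in user_metadata, which a signed-in user
    // can normally edit on their own account. If handle_new_user copies the role
    // from metadata for every new auth user, confirm that public sign-up cannot
    // reach that path, or move the role to app_metadata and adapt the trigger.
    const { data: newUser, error: createError } = await admin.auth.admin.createUser({
      email: email.trim(),
      password,
      email_confirm: true,
      user_metadata: {
        username: username.trim(),
        role,
      },
    })

    if (createError) {
      // NOTE(review): any message other than the duplicate-account case is
      // returned verbatim to the (admin) caller; map it to fixed messages if
      // the upstream text could expose internals.
      const msg = createError.message.includes('already')
        ? 'Un compte avec cet email existe déjà'
        : createError.message
      return NextResponse.json({ error: msg }, { status: 400 })
    }

    return NextResponse.json({
      success: true,
      user: {
        id: newUser.user.id,
        email: newUser.user.email,
        username: username.trim(),
        role,
      },
    })
  } catch (err) {
    // Record the failure server-side so an unexpected 500 on account creation
    // is not silent; only the error message is logged, never the request body.
    console.error('User creation failed:', err instanceof Error ? err.message : err)
    return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 })
  }
}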