diff --git a/src/routes/settings/admin/+page.server.ts b/src/routes/settings/admin/+page.server.ts
new file mode 100644
index 0000000..3837865
--- /dev/null
+++ b/src/routes/settings/admin/+page.server.ts
@@ -0,0 +1,12 @@
+import { error, redirect, type Actions } from "@sveltejs/kit";
+import type { PageServerLoad } from "./$types";
+
+export const load: PageServerLoad = async (event) => {
+ if (!event.locals.user) {
+ return redirect(302, "/login");
+ } else {
+ if (event.locals.user.role !== "admin") {
+ return redirect(302, "/settings");
+ }
+ }
+};
diff --git a/src/routes/settings/admin/+page.svelte b/src/routes/settings/admin/+page.svelte
new file mode 100644
index 0000000..fabd082
--- /dev/null
+++ b/src/routes/settings/admin/+page.svelte
@@ -0,0 +1,80 @@
+
+
+
+
+
+
+
+
+
+{#if errors.message}
+
+ {errors.message}
+
+{/if}
diff --git a/src/routes/signup/+page.server.ts b/src/routes/signup/+page.server.ts
index 691db63..298c418 100644
--- a/src/routes/signup/+page.server.ts
+++ b/src/routes/signup/+page.server.ts
@@ -1,6 +1,6 @@
// routes/signup/+page.server.ts
import { lucia } from "$lib/server/auth";
-import { fail, redirect } from "@sveltejs/kit";
+import { error, fail, redirect } from "@sveltejs/kit";
import { generateId } from "lucia";
import { Argon2id } from "oslo/password";
import { db } from "$lib/db/db.server";
@@ -17,6 +17,7 @@ export const actions: Actions = {
const password = formData.get("password");
const firstName = formData.get("first_name");
const lastName = formData.get("last_name");
+ let role: string = "";
// username must be between 4 ~ 31 characters, and only consists of lowercase letters, 0-9, -, and _
// keep in mind some database (e.g. mysql) are case insensitive
@@ -27,6 +28,15 @@ export const actions: Actions = {
});
}
+ if (!event.locals.user) {
+ role = "user";
+ }
+
+ if (event.locals.user && event.locals.user.role === "admin") {
+ const isAdmin = formData.get("role") === "on";
+ role = isAdmin ? "admin" : "user";
+ }
+
if (
typeof username !== "string" ||
username.length < 3 ||
@@ -91,18 +101,36 @@ export const actions: Actions = {
last_name: lastName,
hashed_password: hashedPassword,
signup_date: new Date(),
- role: "user",
+ role: role,
last_login: new Date(),
} as DatabaseUser)
.execute();
- const session = await lucia.createSession(userId, {});
- const sessionCookie = lucia.createSessionCookie(session.id);
- event.cookies.set(sessionCookie.name, sessionCookie.value, {
- path: ".",
- ...sessionCookie.attributes,
- });
+ if (!event.locals.user) {
+ const session = await lucia.createSession(userId, {});
+ const sessionCookie = lucia.createSessionCookie(session.id);
+ event.cookies.set(sessionCookie.name, sessionCookie.value, {
+ path: ".",
+ ...sessionCookie.attributes,
+ });
- redirect(302, "/");
+ redirect(302, "/");
+ } else {
+ if (event.locals.user && event.locals.user.role !== "admin") {
+ return error(403, {
+ message: "You are not authorized to add users",
+ });
+ }
+
+ return {
+ status: 200,
+ headers: {
+ "content-type": "application/json",
+ },
+ body: JSON.stringify({
+ message: "User created",
+ }),
+ };
+ }
},
};