feat: add admin setup page and login redirect for admins

- Add /setup-admin page for first-time admin account creation - Add /api/admin/setup route (only works when no admin exists) - Update login to redirect admins to /admin instead of /dashboard - Setup page creates auth user + profile with is_admin=true https://claude.ai/code/session_01H2aRGDaKgarPvhay2HxN6Y
2026-02-10 13:33:52 +00:00
parent 1d0bd349fd
commit 9ae7dd2d2d
3 changed files with 247 additions and 1 deletions
--- a/app/api/admin/setup/route.ts
+++ b/app/api/admin/setup/route.ts
@@ -0,0 +1,86 @@
+import { NextResponse } from "next/server";
+import { createAdminClient } from "@/lib/supabase/server";
+
+export const runtime = "nodejs";
+
+// POST /api/admin/setup - Créer le premier compte admin
+// Ne fonctionne QUE s'il n'existe aucun admin dans la base
+export async function POST(request: Request) {
+  const supabase = createAdminClient();
+
+  // Vérifier qu'aucun admin n'existe
+  const { data: existingAdmins } = await supabase
+    .from("profiles")
+    .select("id")
+    .eq("is_admin", true);
+
+  if (existingAdmins && existingAdmins.length > 0) {
+    return NextResponse.json(
+      { error: "Un compte admin existe déjà. Cette route est désactivée." },
+      { status: 403 }
+    );
+  }
+
+  const body = await request.json();
+  const { email, password, full_name } = body;
+
+  if (!email || !password) {
+    return NextResponse.json({ error: "Email et mot de passe requis." }, { status: 400 });
+  }
+
+  if (password.length < 8) {
+    return NextResponse.json({ error: "Le mot de passe doit contenir au moins 8 caractères." }, { status: 400 });
+  }
+
+  // Créer le compte auth Supabase
+  const { data: authUser, error: authError } = await supabase.auth.admin.createUser({
+    email,
+    password,
+    email_confirm: true,
+    user_metadata: { full_name: full_name || "Admin" },
+  });
+
+  if (authError) {
+    console.error("Erreur création admin:", authError);
+    return NextResponse.json({ error: authError.message }, { status: 500 });
+  }
+
+  if (!authUser.user) {
+    return NextResponse.json({ error: "Erreur lors de la création du compte." }, { status: 500 });
+  }
+
+  // Mettre à jour le profil en admin
+  // Le profil est normalement créé par un trigger Supabase
+  // On attend un instant puis on le met à jour
+  // Si pas de trigger, on le crée manuellement
+  const { data: existingProfile } = await supabase
+    .from("profiles")
+    .select("id")
+    .eq("id", authUser.user.id)
+    .single();
+
+  if (existingProfile) {
+    await supabase
+      .from("profiles")
+      .update({
+        is_admin: true,
+        full_name: full_name || "Admin",
+        subscription_status: "active",
+      } as never)
+      .eq("id", authUser.user.id);
+  } else {
+    // Créer le profil manuellement
+    await supabase.from("profiles").insert({
+      id: authUser.user.id,
+      email,
+      full_name: full_name || "Admin",
+      is_admin: true,
+      subscription_status: "active",
+    } as never);
+  }
+
+  return NextResponse.json({
+    success: true,
+    message: "Compte admin créé avec succès ! Connecte-toi sur /login puis va sur /admin.",
+  });
+}
--- a/app/login/page.tsx
+++ b/app/login/page.tsx
@@ -21,7 +21,7 @@ export default function LoginPage() {

    try {
      const supabase = createClient();
-      const { error: authError } = await supabase.auth.signInWithPassword({
+      const { data: authData, error: authError } = await supabase.auth.signInWithPassword({
        email,
        password,
      });
@@ -35,6 +35,21 @@ export default function LoginPage() {
        return;
      }

+      // Vérifier si l'utilisateur est admin pour la redirection
+      if (authData.user) {
+        const { data: profile } = await supabase
+          .from("profiles")
+          .select("is_admin")
+          .eq("id", authData.user.id)
+          .single();
+
+        if (profile && (profile as { is_admin?: boolean }).is_admin) {
+          router.push("/admin");
+          router.refresh();
+          return;
+        }
+      }
+
      router.push("/dashboard");
      router.refresh();
    } catch {
--- a/app/setup-admin/page.tsx
+++ b/app/setup-admin/page.tsx
@@ -0,0 +1,145 @@
+"use client";
+
+import { useState } from "react";
+import Link from "next/link";
+
+export default function AdminSetupPage() {
+  const [fullName, setFullName] = useState("");
+  const [email, setEmail] = useState("");
+  const [password, setPassword] = useState("");
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState<string | null>(null);
+  const [success, setSuccess] = useState(false);
+
+  const handleSetup = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setLoading(true);
+    setError(null);
+
+    try {
+      const res = await fetch("/api/admin/setup", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ email, password, full_name: fullName }),
+      });
+
+      const data = await res.json();
+      if (!res.ok) throw new Error(data.error);
+
+      setSuccess(true);
+    } catch (err) {
+      setError(err instanceof Error ? err.message : "Erreur lors de la création.");
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  if (success) {
+    return (
+      <main className="min-h-screen flex items-center justify-center px-4">
+        <div className="w-full max-w-md text-center">
+          <div className="bg-dark-light border border-dark-border rounded-[20px] p-8">
+            <div className="w-16 h-16 gradient-bg rounded-2xl flex items-center justify-center mx-auto mb-6">
+              <svg className="w-8 h-8 text-white" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+                <path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M5 13l4 4L19 7" />
+              </svg>
+            </div>
+            <h1 className="text-2xl font-bold text-white mb-2">Compte admin créé !</h1>
+            <p className="text-white/60 text-sm mb-6">
+              Ton compte admin a été créé avec succès. Connecte-toi pour accéder au panel d&apos;administration.
+            </p>
+            <Link
+              href="/login"
+              className="inline-block px-6 py-3 gradient-bg text-white font-semibold rounded-xl"
+            >
+              Se connecter
+            </Link>
+          </div>
+        </div>
+      </main>
+    );
+  }
+
+  return (
+    <main className="min-h-screen flex items-center justify-center px-4">
+      <div className="w-full max-w-md">
+        <div className="text-center mb-8">
+          <div className="inline-flex items-center gap-2 mb-6">
+            <div className="w-10 h-10 gradient-bg rounded-xl flex items-center justify-center">
+              <span className="text-white font-bold">H</span>
+            </div>
+            <span className="text-2xl font-bold text-white">
+              Hook<span className="gradient-text">Lab</span>
+            </span>
+          </div>
+          <h1 className="text-2xl font-bold text-white mb-2">Configuration admin</h1>
+          <p className="text-white/60 text-sm">
+            Crée ton compte administrateur. Cette page ne fonctionne qu&apos;une seule fois.
+          </p>
+        </div>
+
+        <div className="bg-dark-light border border-dark-border rounded-[20px] p-6 md:p-8">
+          <form onSubmit={handleSetup} className="space-y-5">
+            <div>
+              <label htmlFor="fullName" className="block text-sm font-medium text-white/80 mb-1.5">
+                Nom complet
+              </label>
+              <input
+                id="fullName"
+                type="text"
+                placeholder="Enguerrand Ozano"
+                value={fullName}
+                onChange={(e) => setFullName(e.target.value)}
+                required
+                className="w-full px-4 py-3 bg-dark-lighter border border-dark-border rounded-xl text-white placeholder-white/30 text-sm focus:outline-none focus:border-primary"
+              />
+            </div>
+            <div>
+              <label htmlFor="email" className="block text-sm font-medium text-white/80 mb-1.5">
+                Email
+              </label>
+              <input
+                id="email"
+                type="email"
+                placeholder="ton@email.com"
+                value={email}
+                onChange={(e) => setEmail(e.target.value)}
+                required
+                className="w-full px-4 py-3 bg-dark-lighter border border-dark-border rounded-xl text-white placeholder-white/30 text-sm focus:outline-none focus:border-primary"
+              />
+            </div>
+            <div>
+              <label htmlFor="password" className="block text-sm font-medium text-white/80 mb-1.5">
+                Mot de passe
+              </label>
+              <input
+                id="password"
+                type="password"
+                placeholder="Minimum 8 caractères"
+                value={password}
+                onChange={(e) => setPassword(e.target.value)}
+                required
+                minLength={8}
+                className="w-full px-4 py-3 bg-dark-lighter border border-dark-border rounded-xl text-white placeholder-white/30 text-sm focus:outline-none focus:border-primary"
+              />
+            </div>
+
+            {error && (
+              <div className="p-3 bg-error/10 border border-error/20 rounded-xl">
+                <p className="text-error text-sm">{error}</p>
+              </div>
+            )}
+
+            <button
+              type="submit"
+              disabled={loading}
+              className="w-full py-3 gradient-bg text-white font-semibold rounded-xl disabled:opacity-50 cursor-pointer"
+            >
+              {loading ? "Création en cours..." : "Créer le compte admin"}
+            </button>
+          </form>
+        </div>
+      </div>
+    </main>
+  );
+}