enguerrandbusiness/obc-terrassement
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
obc-terrassement/app/api/admin/candidatures/route.ts
Claude 1d0bd349fd feat: secure admin panel with Supabase auth + course management CRUD 
- Replace ADMIN_SECRET query param with proper Supabase auth + is_admin flag
- Add admin layout with auth check (redirects non-admin to /)
- Add AdminShell component with sidebar navigation (Dashboard, Candidatures, Cours)
- Add admin dashboard with stats (candidatures, users, modules)
- Add admin candidatures page with filters and approve/reject
- Add admin course management page (create, edit, delete, publish/unpublish)
- Add API routes: GET/POST /api/admin/modules, GET/PUT/DELETE /api/admin/modules/[id]
- Add verifyAdmin() helper for API route protection
- Update database types with is_admin on profiles

https://claude.ai/code/session_01H2aRGDaKgarPvhay2HxN6Y
2026-02-10 13:25:58 +00:00

29 lines
879 B
TypeScript
Raw Permalink Blame History

import { NextResponse } from "next/server";
import { createAdminClient } from "@/lib/supabase/server";
import { verifyAdmin, isAdminError } from "@/lib/admin";
export const runtime = "nodejs";
// GET /api/admin/candidatures - Lister toutes les candidatures
// Sécurisé par auth Supabase + vérification is_admin
export async function GET() {
const auth = await verifyAdmin();
if (isAdminError(auth)) {
return NextResponse.json({ error: auth.error }, { status: auth.status });
}
const supabase = createAdminClient();
const { data, error } = await supabase
.from("candidatures")
.select("*")
.order("created_at", { ascending: false });
if (error) {
console.error("Erreur récupération candidatures:", error);
return NextResponse.json({ error: error.message }, { status: 500 });
}
return NextResponse.json({ candidatures: data });
}
Reference in New Issue View Git Blame Copy Permalink