feat: Add MFA verification for Super Admin users in middleware

2025-06-30 11:37:33 +03:00
parent b7f8d80e9f
commit 09a538d5aa
1 changed files with 17 additions and 12 deletions
--- a/middleware.ts
+++ b/middleware.ts
@@ -150,20 +150,25 @@ function getPatterns() {
          return NextResponse.redirect(new URL('/', req.nextUrl.origin).href);
        }

-        // check if we need to verify MFA (user is authenticated but needs to verify MFA)
-        // TODO: this mfa should only be applied to SUPER_ADMIN
-        // const isVerifyMfa = req.nextUrl.pathname === pathsConfig.auth.verifyMfa;
+        const client = createMiddlewareClient(req, res);
+        const userIsSuperAdmin = await isSuperAdmin(client);

-        // If user is logged in and does not need to verify MFA,
-        // redirect to home page.
-        // if (!isVerifyMfa) {
-        //   const nextPath =
-        //     req.nextUrl.searchParams.get('next') ?? pathsConfig.app.home;
+        if (userIsSuperAdmin) {
+          // check if we need to verify MFA (user is authenticated but needs to verify MFA)
+          const isVerifyMfa =
+            req.nextUrl.pathname === pathsConfig.auth.verifyMfa;

-        //   return NextResponse.redirect(
-        //     new URL(nextPath, req.nextUrl.origin).href,
-        //   );
-        // }
+          // If user is logged in and does not need to verify MFA,
+          // redirect to home page.
+          if (!isVerifyMfa) {
+            const nextPath =
+              req.nextUrl.searchParams.get('next') ?? pathsConfig.app.home;
+
+            return NextResponse.redirect(
+              new URL(nextPath, req.nextUrl.origin).href,
+            );
+          }
+        }
      },
    },
    {