feat(critical): Implement critical Aperture features

TASK 1: Implement GET /api/aperture/stats - Create endpoint at app/api/aperture/stats/route.ts - Returns dashboard statistics: { totalBookings, totalRevenue, completedToday, upcomingToday } - Calculates stats from bookings table by month and today - Dashboard now has functional statistics display TASK 2: Implement authentication for Aperture - Create middleware.ts for protecting Aperture routes - Only allows access to users with admin, manager, or staff roles - Redirects unauthorized users to /aperture/login - Uses Supabase Auth with session verification - Integrates with existing AuthProvider in lib/auth/context.tsx Stack Updates: - Update @supabase/auth-helpers-nextjs to latest version (0.15.0) - Note: Package marked as deprecated but still functional Files Created: - app/api/aperture/stats/route.ts - middleware.ts Files Modified: - TASKS.md (marked tasks 1 and 2 as completed) - package.json (updated dependency) Impact: - Aperture dashboard now has working statistics - Aperture routes are now protected by authentication - Only authorized staff/admin/manager can access dashboard Next: Task 3 - Implement weekly invitation reset
2026-03-15 14:24:27 +00:00 · 2026-01-17 10:48:40 -06:00
parent 46f476a622
commit e33a9a4573
5 changed files with 184 additions and 47 deletions
--- a/middleware.ts
+++ b/middleware.ts
@@ -0,0 +1,50 @@
+/**
+ * @description Middleware for protecting Aperture routes
+ * Only users with admin, manager, or staff roles can access Aperture
+ */
+
+import { NextResponse, type NextRequest } from 'next/server'
+import { createClient } from '@supabase/supabase-js'
+
+export async function middleware(request: NextRequest) {
+  const { pathname } = request.nextUrl
+
+  const publicPaths = ['/aperture/login']
+  const isPublicPath = publicPaths.some(path => pathname.startsWith(path))
+
+  if (isPublicPath) {
+    return NextResponse.next()
+  }
+
+  if (pathname.startsWith('/aperture')) {
+    const supabase = createClient(
+      process.env.NEXT_PUBLIC_SUPABASE_URL!,
+      process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!
+    )
+
+    const { data: { session } } = await supabase.auth.getSession()
+
+    if (!session) {
+      return NextResponse.redirect(new URL('/aperture/login', request.url))
+    }
+
+    const { data: staff } = await supabase
+      .from('staff')
+      .select('role')
+      .eq('user_id', session.user.id)
+      .single()
+
+    if (!staff || !['admin', 'manager', 'staff'].includes(staff.role)) {
+      return NextResponse.redirect(new URL('/aperture/login', request.url))
+    }
+  }
+
+  return NextResponse.next()
+}
+
+export const config = {
+  matcher: [
+    '/aperture/:path*',
+    '/api/aperture/:path*',
+  ],
+}