make isAdminSession usable by api routes

lib/session.ts

@@ -12,17 +12,20 @@ export default function withSession(handler: Handler) {
       // the next line allows to use the session in non-https environements like
       // Next.js dev mode (http://localhost:3000)
       secure: process.env.NODE_ENV === 'production',
-      path: '/admin',
     },
   })
 }
 
-export const isAdminSession = function (req: any, res: any) {
+export function isAdminSession(req: any, res: any) {
   const user = req?.session.get('user')
   if (user && user.role === 'admin') {
     return user
   }
 
+  return false
+}
+
+export function redirectToLogin(req: any, res: any) {
   const redirectTargetUrl = `${getBaseURL()}/admin/login?redirect=${encodeURIComponent(
     req.url
   )}`
@@ -31,6 +34,4 @@ export const isAdminSession = function (req: any, res: any) {
     Location: redirectTargetUrl,
   })
   res.end()
-
-  return false
 }

pages/admin/booking/[uuid]/bill.tsx

@@ -11,7 +11,10 @@ import { getMilageMax } from '../../../../db/index'
 import { dateFormatFrontend } from '../../../../helpers/date'
 import { getBillTotal } from '../../../../helpers/bill'
 import { getBookingStatus } from '../../../../helpers/booking'
-import withSession, { isAdminSession } from '../../../../lib/session'
+import withSession, {
+  isAdminSession,
+  redirectToLogin,
+} from '../../../../lib/session'
 import { getServerSideBooking } from '../../../../lib/getServerSideProps'
 
 export const getServerSideProps: GetServerSideProps = withSession(
@@ -21,6 +24,7 @@ export const getServerSideProps: GetServerSideProps = withSession(
     const adminUser = isAdminSession(req, res)
 
     if (!adminUser) {
+      redirectToLogin(req, res)
       return { props: {} }
     }
 

pages/admin/booking/[uuid]/index.tsx

@@ -3,7 +3,10 @@ import { GetServerSideProps } from 'next'
 import Footer from '../../../../components/footer'
 import Header from '../../../../components/header'
 import Calendar from '../../../../components/calendar'
-import withSession, { isAdminSession } from '../../../../lib/session'
+import withSession, {
+  isAdminSession,
+  redirectToLogin,
+} from '../../../../lib/session'
 import { getServerSideBooking } from '../../../../lib/getServerSideProps'
 import { BookingDocument } from '../../../../db/booking'
 import { getBookingStatus } from '../../../../helpers/booking'
@@ -14,10 +17,10 @@ export const getServerSideProps: GetServerSideProps = withSession(
   async (context) => {
     const { req, res } = context
 
-    console.error('here')
     const adminUser = isAdminSession(req, res)
 
     if (!adminUser) {
+      redirectToLogin(req, res)
       return { props: {} }
     }
 

pages/api/admin/booking/[uuid]/bill.ts

@@ -4,6 +4,7 @@ import withSession, { isAdminSession } from '../../../../../lib/session'
 
 export default withSession(async function billHandler(req, res) {
   if (!isAdminSession(req, res)) {
+    res.status(403).send({ message: 'Not Authorized' })
     return
   }
 

pages/api/admin/booking/[uuid]/index.ts

@@ -9,6 +9,7 @@ import { BOOKING_STATUS } from '../../../../../db/enums'
 
 export default withSession(async function bookingHandler(req, res) {
   if (!isAdminSession(req, res)) {
+    res.status(403).send({ message: 'Not Authorized' })
     return
   }
 
@@ -42,8 +43,10 @@ export default withSession(async function bookingHandler(req, res) {
 
       if (booking.status === BOOKING_STATUS.CONFIRMED) {
         sendBookingConfirmed(booking)
+        console.log(`Booking ${booking.uuid} confirm sent`)
       } else if (booking.status === BOOKING_STATUS.REJECTED) {
         sendBookingRejected(booking)
+        console.log(`Booking ${booking.uuid} rejected sent`)
       }
 
       break