initiation librodrome

This commit is contained in:
Yvv
2026-02-20 12:55:10 +01:00
commit 35e2897a73
208 changed files with 18951 additions and 0 deletions

View File

@@ -0,0 +1,24 @@
export default defineEventHandler((event) => {
const path = getRequestURL(event).pathname
// Only protect /api/admin/* routes, excluding auth endpoints
if (!path.startsWith('/api/admin/')) return
if (path.startsWith('/api/admin/auth/')) return
const config = useRuntimeConfig()
if (!config.adminSecret) {
throw createError({ statusCode: 503, statusMessage: 'Admin not configured' })
}
const token = getAdminToken(event)
if (!token) {
throw createError({ statusCode: 401, statusMessage: 'Not authenticated' })
}
const payload = verifyToken(token, config.adminSecret)
if (!payload) {
clearAdminCookie(event)
throw createError({ statusCode: 401, statusMessage: 'Invalid or expired token' })
}
})