use middleware on requests, add badges, add set admin script+docs for it

README.md

@@ -1,5 +1,10 @@
 # pontus-front
 
+[![Next.js](https://img.shields.io/badge/Next.js-black?logo=next.js&logoColor=white)](https://nextjs.org)
+[![shadcn/ui](https://img.shields.io/badge/shadcn%2Fui-000?logo=shadcnui&logoColor=fff)](https://ui.shadcn.com)
+[![Drizzle](https://img.shields.io/badge/Drizzle-C5F74F?logo=drizzle&logoColor=000)](https://orm.drizzle.team)
+[![Docker](https://img.shields.io/badge/Docker-2496ED?logo=docker&logoColor=fff)](https://docker.com)
+
 The source code for the p0ntus web frontend.
 
 ## Introduction
@@ -98,6 +103,12 @@ If you use a reverse proxy, don't forget to comment the ports section out like s
 ...
 ```
 
+To set yourself as an admin, you can run:
+
+```bash
+bun tools/set-admin.ts your@email.com
+```
+
 ## Setup for Development
 
 ### What you need
@@ -161,6 +172,12 @@ At any time, you can also run `docker compose up -d --build` to test in Docker.
 
 Now, open up http://localhost:3000 and see how it goes! Leave an Issue if you encounter any challenges or issues along the way.
 
+To set yourself as an admin, you can run:
+
+```bash
+bun tools/set-admin.ts your@email.com
+```
+
 ## Updating
 
 Updates are done through Forgejo (and mirrored GitHub). You can perform an update when there are new commits like so:

middleware.ts

@@ -1,6 +1,7 @@
 import { NextRequest, NextResponse } from 'next/server';
 
-const protectedRoutes = ['/dashboard', '/admin'];
+const protectedRoutes = ['/dashboard', '/admin', '/requests'];
+const ensureSignedOutRoutes = ['/login', '/register'];
 
 export async function middleware(request: NextRequest) {
   const { pathname } = request.nextUrl;
@@ -8,8 +9,17 @@ export async function middleware(request: NextRequest) {
   const isProtectedRoute = protectedRoutes.some(route =>
     pathname.startsWith(route)
   );
+  const isEnsureSignedOutRoute = ensureSignedOutRoutes.some(route =>
+    pathname.startsWith(route)
+  );
 
-  if (!isProtectedRoute) {
+  if (isEnsureSignedOutRoute) {
+    const sessionToken = request.cookies.get('better-auth.session_token')?.value || request.cookies.get('__Secure-better-auth.session_token')?.value;
+
+    if (sessionToken) {
+      return NextResponse.redirect(new URL('/dashboard', request.url));
+    }
+  } else if (!isProtectedRoute) {
     return NextResponse.next();
   }
 

tools/set-admin.ts

@@ -0,0 +1,41 @@
+import { db } from "../db";
+import { user } from "../db/schema";
+import { eq } from "drizzle-orm";
+
+async function setUserAsAdmin(email: string) {
+  try {
+    const existingUser = await db.select().from(user).where(eq(user.email, email));
+    if (existingUser.length === 0) {
+      console.error(`❌ "${email}" not found`);
+      process.exit(1);
+    }
+    if (existingUser[0].role === 'admin') {
+      console.log(`✓ "${email}" is already an admin`);
+      return;
+    }
+
+    await db.update(user)
+      .set({
+        role: 'admin',
+        updatedAt: new Date()
+      })
+      .where(eq(user.email, email));
+
+    console.log(`✓ Successfully set user "${email}" as admin`);
+    console.log(`  Email: ${existingUser[0].email}`);
+    console.log(`  ID: ${existingUser[0].id}`);
+  } catch (error) {
+    console.error("Error setting user as admin:", error);
+    process.exit(1);
+  }
+}
+
+const email = process.argv[2];
+
+if (!email) {
+  console.error("Usage: bun tools/set-admin.ts <email>");
+  console.error("Example: bun tools/set-admin.ts example@example.com");
+  process.exit(1);
+}
+
+setUserAsAdmin(email);