pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-22 17:11:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

Refactor: Implement AAL2 enforcement fix

Browse Source
This commit is contained in:
gpt-engineer-app[bot]
2025-10-17 19:25:51 +00:00
parent 0eac7f3d7d
commit 5292045e7a
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/hooks/useAdminGuard.ts
View File

@@ -44,7 +44,7 @@ export interface AdminGuardState {
export function useAdminGuard(requireMFA: boolean = true): AdminGuardState {
const { user, loading: authLoading } = useAuth();
const { isModerator, loading: roleLoading } = useUserRole();
const { needsEnrollment, loading: mfaLoading } = useRequireMFA();
const { needsEnrollment, needsVerification, loading: mfaLoading } = useRequireMFA();
const navigate = useNavigate();
// Auto-redirect based on auth state
@@ -60,7 +60,8 @@ export function useAdminGuard(requireMFA: boolean = true): AdminGuardState {
const isLoading = authLoading || roleLoading || mfaLoading;
const isAuthorized = !!user && isModerator();
const needsMFA = requireMFA && needsEnrollment;
// Block access if EITHER not enrolled OR session is at AAL1 (needs verification)
const needsMFA = requireMFA && (needsEnrollment || needsVerification);
return {
isLoading,