import { serve } from 'https://deno.land/std@0.168.0/http/server.ts';
import { createClient } from 'https://esm.sh/@supabase/supabase-js@2.39.3';
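/**
 * Clerk backend API secret used for server-to-server calls to api.clerk.com.
 * Resolved once at boot; a missing value fails fast here rather than sending
 * `Bearer undefined` (the `!` assertion's effect) on the first request.
 */
const CLERK_SECRET_KEY = Deno.env.get('CLERK_SECRET_KEY') ?? '';
if (!CLERK_SECRET_KEY) throw new Error('CLERK_SECRET_KEY is not set');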
/**
 * Headers attached to every response so browser clients can call this
 * function cross-origin. `Access-Control-Allow-Headers` lists the request
 * headers the preflight must accept (Authorization among them).
 */
const corsHeaders = {
  'Access-Control-Allow-Origin': '*',
  'Access-Control-Allow-Headers': 'authorization, x-client-info, apikey, content-type',
} as const;
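/** Decodes a base64url string (the alphabet JWT segments use) into raw bytes. */
function base64UrlToBytes(segment: string): Uint8Array {
  // atob only accepts the standard alphabet and needs '=' padding; JWT segments have neither.
  const standard = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = standard.padEnd(Math.ceil(standard.length / 4) * 4, '=');
  return Uint8Array.from(atob(padded), (ch) => ch.charCodeAt(0));
}

/** Decodes a base64url JSON segment; the result is untyped until narrowed. */
function decodeJsonSegment(segment: string): unknown {
  return JSON.parse(new TextDecoder().decode(base64UrlToBytes(segment)));
}

/** Narrowing guard for plain-object JSON values. */
function isRecord(value: unknown): value is Record<string, unknown> {
  return typeof value === 'object' && value !== null && !Array.isArray(value);
}

/** Builds a JSON response carrying the shared CORS headers. */
function jsonResponse(body: unknown, status = 200): Response {
  return new Response(JSON.stringify(body), {
    status,
    headers: { ...corsHeaders, 'Content-Type': 'application/json' },
  });
}

/** Raised for any problem with the caller's credentials; mapped to HTTP 401. */
class AuthError extends Error {
  constructor(message: string) {
    super(message);
    this.name = 'AuthError';
  }
}

/**
 * Verifies a Clerk-issued RS256 JWT against the instance JWKS and returns its
 * claims. Decoding the payload alone is not authentication: without the
 * signature check any client can present a token with an arbitrary `sub` and
 * be treated as that user (here, as an admin).
 *
 * @param token - the raw compact JWT (three base64url segments).
 * @returns the verified claims, with `sub` guaranteed to be a non-empty string.
 * @throws AuthError when the token is malformed, uses an unexpected algorithm,
 *   is signed by an unknown key, fails signature verification, is expired or
 *   not yet valid, or has no subject.
 * @throws Error when the JWKS cannot be fetched (an upstream failure, not a
 *   credential problem).
 */
async function verifyClerkJwt(token: string): Promise<{ sub: string } & Record<string, unknown>> {
  const parts = token.split('.');
  const [headerB64, payloadB64, signatureB64] = parts;
  if (parts.length !== 3 || !headerB64 || !payloadB64 || !signatureB64) {
    throw new AuthError('Invalid token');
  }

  // Pin the algorithm: honouring whatever `alg` the token claims lets a client downgrade it.
  const header = decodeJsonSegment(headerB64);
  const kid = isRecord(header) && header.alg === 'RS256' && typeof header.kid === 'string'
    ? header.kid
    : undefined;
  if (!kid) throw new AuthError('Unsupported token header');

  // Fetched per request for simplicity; add a module-level cache if this endpoint becomes hot.
  const jwksResponse = await fetch('https://api.clerk.com/v1/jwks', {
    headers: { Authorization: `Bearer ${CLERK_SECRET_KEY}` },
  });
  if (!jwksResponse.ok) throw new Error('Could not fetch Clerk JWKS');
  const jwks: { keys?: Array<JsonWebKey & { kid?: string }> } = await jwksResponse.json();
  const jwk = jwks.keys?.find((key) => key.kid === kid);
  if (!jwk) throw new AuthError('Unknown signing key');

  const algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: 'SHA-256' };
  const publicKey = await crypto.subtle.importKey('jwk', jwk, algorithm, false, ['verify']);
  const signedInput = new TextEncoder().encode(`${headerB64}.${payloadB64}`);
  const signatureValid = await crypto.subtle.verify(
    algorithm,
    publicKey,
    base64UrlToBytes(signatureB64),
    signedInput,
  );
  if (!signatureValid) throw new AuthError('Invalid token signature');

  const payload = decodeJsonSegment(payloadB64);
  if (!isRecord(payload)) throw new AuthError('Invalid token payload');
  const nowSeconds = Math.floor(Date.now() / 1000);
  if (typeof payload.exp !== 'number' || payload.exp <= nowSeconds) throw new AuthError('Token expired');
  if (typeof payload.nbf === 'number' && payload.nbf > nowSeconds) throw new AuthError('Token not yet valid');
  if (typeof payload.sub !== 'string' || payload.sub === '') throw new AuthError('Token has no subject');
  return { ...payload, sub: payload.sub };
}

/**
 * admin-delete-user: deletes a Clerk user on behalf of an authenticated admin.
 *
 * Flow: CORS preflight → verify the caller's Clerk JWT → look up the caller's
 * role in `profiles` with the service-role client → validate `targetClerkId`
 * from the JSON body → DELETE the user via the Clerk backend API.
 *
 * Responses: 200 `{ success: true }`, 400 bad body, 401 bad credentials,
 * 403 caller is not an admin, 500 unexpected/upstream failure.
 */
serve(async (req: Request) => {
  // CORS preflight carries no credentials or body.
  if (req.method === 'OPTIONS') {
    return new Response(null, { headers: corsHeaders });
  }

  try {
    const authHeader = req.headers.get('Authorization');
    if (!authHeader) throw new AuthError('No authorization header');
    const token = authHeader.startsWith('Bearer ') ? authHeader.slice('Bearer '.length) : authHeader;
    const claims = await verifyClerkJwt(token);
    const callerClerkId = claims.sub;

    const supabaseUrl = Deno.env.get('SUPABASE_URL');
    const serviceRoleKey = Deno.env.get('SUPABASE_SERVICE_ROLE_KEY');
    if (!supabaseUrl || !serviceRoleKey) throw new Error('Supabase environment is not configured');
    // Service-role client bypasses RLS; it is used only for this role lookup.
    const supabaseService = createClient(supabaseUrl, serviceRoleKey);

    // Authorization: only a profile with role 'admin' may delete users.
    const { data: profile, error: profileError } = await supabaseService
      .from('profiles')
      .select('role')
      .eq('clerk_user_id', callerClerkId)
      .single();
    if (profileError || profile?.role !== 'admin') {
      return jsonResponse({ error: 'Forbidden' }, 403);
    }

    let body: unknown;
    try {
      body = await req.json();
    } catch {
      return jsonResponse({ error: 'Request body must be JSON' }, 400);
    }
    const targetClerkId = isRecord(body) ? body.targetClerkId : undefined;
    if (typeof targetClerkId !== 'string' || targetClerkId === '') {
      return jsonResponse({ error: 'targetClerkId is required' }, 400);
    }
    // An admin deleting their own account cannot be undone through this endpoint.
    if (targetClerkId === callerClerkId) {
      return jsonResponse({ error: 'Cannot delete your own account' }, 400);
    }

    // Encode the client-supplied id so it cannot reshape the Clerk API path.
    const deleteResponse = await fetch(`https://api.clerk.com/v1/users/${encodeURIComponent(targetClerkId)}`, {
      method: 'DELETE',
      headers: { Authorization: `Bearer ${CLERK_SECRET_KEY}` },
    });
    if (!deleteResponse.ok) {
      // Keep the upstream body in the server log; do not echo it to the client.
      console.error('admin-delete-user: Clerk API error', deleteResponse.status, await deleteResponse.text());
      throw new Error(`Clerk API error (${deleteResponse.status})`);
    }

    return jsonResponse({ success: true });
  } catch (error: unknown) {
    console.error('admin-delete-user error:', error);
    const message = error instanceof Error ? error.message : 'Unexpected error';
    return jsonResponse({ error: message }, error instanceof AuthError ? 401 : 500);
  }
});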