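/**
 * Realtime route handler that limits each caller to channels named after their own user id.
 *
 * The middleware resolves the caller with `currentUser(request)` and checks every requested
 * channel. "default" is always allowed. Any other channel must start with the caller's id,
 * otherwise a 403 response is returned. A caller with no usable id gets a 401 for any
 * non-default channel.
 */
export const GET = handle({
  realtime,
  middleware: async ({ request, channels }) => {
    const user = await currentUser(request)

    for (const channel of channels) {
      if (channel === "default") {
        continue
      }

      // Fail closed when there is no identity to compare against: a missing user would
      // throw on `user.id`, and an empty id makes `startsWith("")` true for every channel.
      const userId = user?.id
      if (userId === undefined || userId === null || userId === "") {
        return new Response("Authentication required", { status: 401 })
      }

      // NOTE(review): a bare prefix test also accepts channels owned by any user whose id
      // merely begins with this id (id "12" matches a channel named "123-inbox"). It is only
      // sound if ids are fixed-length (e.g. UUIDs) or the channel naming scheme puts a
      // delimiter after the id, in which case include that delimiter in the prefix. Confirm
      // against the channel naming convention used by the application.
      if (!channel.startsWith(userId)) {
        return new Response("You can only access your own channels", { status: 403 })
      }
    }
  },
})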
Session-Based Auth
Verify user sessions before allowing connections:
api/realtime/route.ts
import { getSession } from "@/auth"

/**
 * Realtime route handler that admits only requests carrying a session with a user.
 *
 * The middleware loads the session for the incoming request. If the session is missing or
 * has no `user`, it answers with a 401 response. Otherwise it returns nothing.
 */
export const GET = handle({
  realtime,
  middleware: async ({ request }) => {
    const activeSession = await getSession(request)
    const signedIn = Boolean(activeSession?.user)

    if (signedIn) {
      // Nothing to report: no Response is returned for an authenticated caller.
      return
    }

    // No session, or a session without a user: refuse before the connection is set up.
    return new Response("Please sign in", { status: 401 })
  },
})
Role-Based Access
Control access based on user roles:
api/realtime/route.ts
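/**
 * Realtime route handler that gates channels by role and team membership.
 *
 * For every requested channel:
 *   - "default" is always allowed;
 *   - "admin-*" requires `user.role === "admin"`, otherwise 403;
 *   - "team-<teamId>" requires `checkTeamMembership(user.id, teamId)` to be truthy,
 *     otherwise 403.
 * A missing user is treated as "not admin" / "not a member" rather than raising.
 */
export const GET = handle({
  realtime,
  middleware: async ({ request, channels }) => {
    const user = await currentUser(request)

    for (const channel of channels) {
      if (channel === "default") {
        continue
      }

      // `user?.role` turns an absent user into an explicit 403 instead of a TypeError.
      if (channel.startsWith("admin-") && user?.role !== "admin") {
        return new Response("Admin access required", { status: 403 })
      }

      if (channel.startsWith("team-")) {
        // Strip exactly the leading "team-" prefix; the remainder is the team id.
        const teamId = channel.slice("team-".length)

        // An absent user or an empty team id can never be a member, so skip the lookup
        // and deny rather than asking the membership check about an empty identifier.
        const isMember =
          user != null && teamId !== "" && (await checkTeamMembership(user.id, teamId))

        if (!isMember) {
          return new Response("Not a team member", { status: 403 })
        }
      }

      // NOTE(review): a channel that matches none of the rules above falls through and is
      // allowed for any caller. If only the listed channel families should exist, end the
      // loop body with a deny-by-default 403 instead of relying on this fall-through.
    }
  },
})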