Started implementing the roles permissions

src/pages/api/invites/[id].ts

@@ -4,6 +4,7 @@ import client from "@/lib/mongodb";
 import { withIronSessionApiRoute } from "iron-session/next";
 import { sessionOptions } from "@/lib/session";
 import { Invite } from "@/interfaces/invite";
+import { requestUser } from "@/utils/api";
 
 const db = client.db(process.env.MONGODB_DB);
 
@@ -18,10 +19,8 @@ async function handler(req: NextApiRequest, res: NextApiResponse) {
 }
 
 async function get(req: NextApiRequest, res: NextApiResponse) {
-  if (!req.session.user) {
-    res.status(401).json({ ok: false });
-    return;
-  }
+	const user = await requestUser(req, res)
+	if (!user) return res.status(401).json({ ok: false });
 
   const { id } = req.query as { id: string };
 
@@ -35,10 +34,8 @@ async function get(req: NextApiRequest, res: NextApiResponse) {
 }
 
 async function del(req: NextApiRequest, res: NextApiResponse) {
-  if (!req.session.user) {
-    res.status(401).json({ ok: false });
-    return;
-  }
+	const user = await requestUser(req, res)
+	if (!user) return res.status(401).json({ ok: false });
 
   const { id } = req.query as { id: string };
 
@@ -48,7 +45,6 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
     return;
   }
 
-  const user = req.session.user;
   if (user.type === "admin" || user.type === "developer") {
     await db.collection("invites").deleteOne({ id: id });
     res.status(200).json({ ok: true });
@@ -59,13 +55,10 @@ async function del(req: NextApiRequest, res: NextApiResponse) {
 }
 
 async function patch(req: NextApiRequest, res: NextApiResponse) {
-  if (!req.session.user) {
-    res.status(401).json({ ok: false });
-    return;
-  }
+	const user = await requestUser(req, res)
+	if (!user) return res.status(401).json({ ok: false });
 
   const { id } = req.query as { id: string };
-  const user = req.session.user;
 
   if (user.type === "admin" || user.type === "developer") {
     await db.collection("invites").updateOne(