From f692589c6ea38c8c6eeb03718d12fa7521abee38 Mon Sep 17 00:00:00 2001
From: alma <alma@governance-labs.org>
Date: Fri, 18 Apr 2025 10:16:27 +0200
Subject: [PATCH] clean sidebar 5

---
 middleware.ts | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/middleware.ts b/middleware.ts
index cd70f3e8..2e0032da 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -29,8 +29,29 @@ export default withAuth(
             return true;
           }
           
-          // For protected API endpoints, check if the request has a valid session
-          if (!token) {
+          // For protected API endpoints, check if the request has a valid session and token
+          if (!token || !token.accessToken) {
+            return false;
+          }
+          
+          // Check if the token has the required roles for the specific service
+          const path = req.nextUrl.pathname;
+          const userRoles = token.role || [];
+          
+          // Add role checks for specific services
+          if (path.startsWith('/api/artlab') && !userRoles.includes('Expression')) {
+            return false;
+          }
+          
+          if (path.startsWith('/api/gite') && !userRoles.includes('DataIntelligence')) {
+            return false;
+          }
+          
+          if (path.startsWith('/api/calculation') && !userRoles.includes('Calculation')) {
+            return false;
+          }
+          
+          if (path.startsWith('/api/mediations') && !userRoles.includes('Mediations')) {
             return false;
           }