Question:
[I have create a custom admin dashboard for my website and i let the admin after log in in mu custom log in light box to open this dashboard but the is a message tell me i don’t have the permission to view this page “”**I am an admin(co owner “of the site **”" also i tried to put a button to open this dashboard but the same message occurred ,.]
Product:
[Wix Editor]
Can you share a screenshot showing the error and setup?
Also can you share the code for the login flow that is malfunctioning?
this is my log in page , and there is no error but when I click on the button it show a page to tell me their is no permissions to open this page back to home (in publish mode )
import wixLocation from 'wix-location';
import wixWindow from 'wix-window';
import wixUsers from 'wix-users';
import { checkAccount } from 'backend/account.jsw';
import wixData from 'wix-data';
$w.onReady(() => {
$w('#submit').onClick(async () => {
const email = $w('#username').value;
await checkAccount(email).then(result => {
switch (result.code) {
case 200:
// Attempt to login
// Check user type in another collection
wixData.query('user')
.eq('email', email)
.find()
.then(userResult => {
if (userResult.items.length > 0) {
const usertype = userResult.items[0].usertype;
const user = wixUsers.currentUser;
if (user.loggedIn && user.role === 'admin') {
// Redirect to admin dashboard
wixWindow.lightbox.close();
wixLocation.to("/blank1");
} else {
// Redirect to member area
wixWindow.lightbox.close();
wixLocation.to("/member-area");
}
} else {
console.error('User not found in user collection');
}
})
.catch(err => {
console.error('Error querying user collection:', err);
});
break;
case 190:
// The account is pending approval
// Show a message or handle as needed
break;
case 404:
// The email doesn't belong to any account
// Show a message or handle as needed
break;
}
});
});
});
` ``
**
this is what i get when make a button link to my custom dashboard
I’d recommend using the wix-members libraries to handle user login. Querying a database for a valid email isn’t going to be secure as any user can query that database and see which emails are valid and then use them.
wix-members-frontend
has functions like login()
, logout()
, and getMember()
that should be useful here. There’s also equivalents for wix-members-backend
. When using these facilities and a user logs in they’ll also get their correct permissions to view a page after logging in.