🔐 RBAC (ROLE-BASED ACCESS CONTROL)

Roles:

• ADMIN
• MANAGER
• AGENT
• AMBASSADOR

🧠 PERMISSION MIDDLEWARE

export function requireRole(role: string) { return (req, res, next) => {if (req.user.role !== role) { return res.status(403).send(“Forbidden”); }next(); }; }

🔑 JWT VALIDATION (API)

import { auth } from “@clerk/nextjs/server”;export function authMiddleware(req) {const { userId } = auth();if (!userId) throw new Error(“Unauthorized”);req.userId = userId; }