KnearMe Admin Operations Runbook

Admin login incident triage

1. Verify Supabase auth service status.
2. Verify target user exists in admin_users.
3. Confirm middleware/session cookie behavior on /dashboard/*.

Role/permission incident triage

1. Query admin_users role value for affected user.
2. Confirm route uses expected requireAdmin() or requireRole() guard.
3. Validate recent changes to auth helper logic under src/lib.

Audit and trace workflow

• Use admin_audit_log entries to trace privileged actions.
• Correlate timestamp/user/action with incident timeline before rollback.

Rollback guidance

• Roll back app deployment to last known-good build.
• Re-run smoke checks on login and key dashboard sections.