From 1c12615e0160f4c57b7ced16935cd014c2f663ec Mon Sep 17 00:00:00 2001
From: Josh Moore
Date: Sat, 21 Oct 2023 23:05:50 -0600
Subject: [PATCH] feat: add `requireAdmin` optional param

---
 backend/app.ts | 47 ++++++++++++++++++++++++-----------------------
 1 file changed, 24 insertions(+), 23 deletions(-)

diff --git a/backend/app.ts b/backend/app.ts
index 253e48c..a0b2cc2 100644
--- a/backend/app.ts
+++ b/backend/app.ts
@@ -41,27 +41,28 @@ const assMetaMiddleware = (port: number, proxied: boolean): RequestHandler =>
 /**
  * Custom middleware to verify user access
  */
-const loginRedirectMiddleware: RequestHandler = async (req: Request, res: Response, next: NextFunction) => {
-
- // If auth doesn't exist yet, make the user login
- if (!req.session.ass?.auth) {
- log.warn('User not logged in', req.baseUrl);
-
- // Set pre-login path so user is directed to their requested page
- req.session.ass!.preLoginPath = req.baseUrl;
-
- // Redirect
- res.redirect('/login');
- } else {
- const user = (await get('users', req.session.ass.auth.uid)) as AssUser;
-
- // Check if user is admin
- if (req.baseUrl === '/admin' && !user.admin) {
- log.warn('Admin verification failed', user.username, user.id);
- res.sendStatus(403);
- } else next();
- }
-};
+const loginRedirectMiddleware = (requireAdmin = false): RequestHandler =>
+ async (req: Request, res: Response, next: NextFunction) => {
+
+ // If auth doesn't exist yet, make the user login
+ if (!req.session.ass?.auth) {
+ log.warn('User not logged in', req.baseUrl);
+
+ // Set pre-login path so user is directed to their requested page
+ req.session.ass!.preLoginPath = req.baseUrl;
+
+ // Redirect
+ res.redirect('/login');
+ } else {
+ const user = (await get('users', req.session.ass.auth.uid)) as AssUser;
+
+ // Check if user is admin
+ if ((requireAdmin || req.baseUrl === '/admin') && !user.admin) {
+ log.warn('Admin verification failed', user.username, user.id);
+ res.sendStatus(403);
+ } else next();
+ }
+ };

 /**
  * Main function.
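Review bot: The record returned by `get('users', req.session.ass.auth.uid)` is cast with `as AssUser` and never checked, so the authorization decision in the `else` branch rests on an unvalidated lookup. If `get` can return nothing for a stale or deleted uid (not visible in this hunk), a request to a route mounted without `requireAdmin` short-circuits past `!user.admin` and reaches `next()`, while an admin route throws on `user.admin` inside the async handler instead of answering 403. Failing closed before the admin test would cover both: `if (!user) { res.redirect('/login'); return; }`. The login branch also writes `req.session.ass!.preLoginPath` right after `req.session.ass?.auth` treated `ass` as possibly undefined; a short comment naming where `ass` is initialised, or a guard, would make that assertion safe to rely on.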
@@ -165,8 +166,8 @@ async function main() {
  // Basic page routers
  app.use('/setup', buildFrontendRouter('setup', false));
  app.use('/login', buildFrontendRouter('login'));
- app.use('/admin', loginRedirectMiddleware, buildFrontendRouter('admin'));
- app.use('/user', loginRedirectMiddleware, buildFrontendRouter('user'));
+ app.use('/admin', loginRedirectMiddleware(), buildFrontendRouter('admin'));
+ app.use('/user', loginRedirectMiddleware(), buildFrontendRouter('user'));

  // Advanced routers
  app.use('/api', (await import('./routers/api.js')).router);
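Review bot: Both call sites use `loginRedirectMiddleware()` with the default, so the new `requireAdmin` flag is never set and the admin requirement for `/admin` still depends on the `req.baseUrl === '/admin'` string comparison inside the middleware. That comparison stops matching if the router is later mounted under a prefix or a different path, which would quietly reduce the route to login-only. Stating the requirement at the mount point removes that dependency: `app.use('/admin', loginRedirectMiddleware(true), buildFrontendRouter('admin'));`. `main()` starts and ends outside this hunk.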