feat: add `requireAdmin` optional param

backend/app.ts

@@ -41,7 +41,8 @@ const assMetaMiddleware = (port: number, proxied: boolean): RequestHandler =>
 /**
  * Custom middleware to verify user access
  */
-const loginRedirectMiddleware: RequestHandler = async (req: Request, res: Response, next: NextFunction) => {
+const loginRedirectMiddleware = (requireAdmin = false): RequestHandler =>
+	async (req: Request, res: Response, next: NextFunction) => {
 
 		// If auth doesn't exist yet, make the user login
 		if (!req.session.ass?.auth) {
@@ -56,7 +57,7 @@ const loginRedirectMiddleware: RequestHandler = async (req: Request, res: Respon
 			const user = (await get('users', req.session.ass.auth.uid)) as AssUser;
 
 			// Check if user is admin
-		if (req.baseUrl === '/admin' && !user.admin) {
+			if ((requireAdmin || req.baseUrl === '/admin') && !user.admin) {
 				log.warn('Admin verification failed', user.username, user.id);
 				res.sendStatus(403);
 			} else next();
@@ -165,8 +166,8 @@ async function main() {
 	// Basic page routers
 	app.use('/setup', buildFrontendRouter('setup', false));
 	app.use('/login', buildFrontendRouter('login'));
-	app.use('/admin', loginRedirectMiddleware, buildFrontendRouter('admin'));
+	app.use('/admin', loginRedirectMiddleware(), buildFrontendRouter('admin'));
-	app.use('/user', loginRedirectMiddleware, buildFrontendRouter('user'));
+	app.use('/user', loginRedirectMiddleware(), buildFrontendRouter('user'));
 
 	// Advanced routers
 	app.use('/api', (await import('./routers/api.js')).router);