Add alarm endpoints, basic budget routes, spend history

author: Rory& <root@rory.gay> 2025-06-01 11:13:55 +0200
committer: Rory& <root@rory.gay> 2025-06-01 11:13:55 +0200
commit: 4e12e02bc805170e6b03d33e0ef894b2a3021fb3 (patch)
tree: a525a35cfcc28f80bbe33d152fe483d14d8b23d1 /src/api/middlewares/authMiddleware.js
parent: Update test client (diff)
download: nodejs-final-assignment-4e12e02bc805170e6b03d33e0ef894b2a3021fb3.tar.xz
1 files changed, 7 insertions, 1 deletions
diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js
index 1187112..8553517 100644
--- a/src/api/middlewares/authMiddleware.js
+++ b/src/api/middlewares/authMiddleware.js
@@ -1,5 +1,5 @@
 import { validateJwtToken } from '#util/jwtUtils.js';
-import { DbUser } from '#db/schemas/index.js';
+import { DbUser, UserType } from '#db/schemas/index.js';
 
 /**
  * @param options {AuthValidationOptions}
@@ -15,6 +15,12 @@ export function validateAuth(options) {
 
         const user = (req.user = await DbUser.findById(auth.id).exec());
 
+        // admin can do everything
+        if (user.type == UserType.ADMIN) {
+            next();
+            return;
+        }
+
         if (options.roles && !options.roles.includes(user.type)) {
             res.status(401).send('Unauthorized');
             return;
author	Rory& <root@rory.gay>	2025-06-01 11:13:55 +0200
committer	Rory& <root@rory.gay>	2025-06-01 11:13:55 +0200
commit	4e12e02bc805170e6b03d33e0ef894b2a3021fb3 (patch)
tree	a525a35cfcc28f80bbe33d152fe483d14d8b23d1 /src/api/middlewares/authMiddleware.js
parent	Update test client (diff)
download	nodejs-final-assignment-4e12e02bc805170e6b03d33e0ef894b2a3021fb3.tar.xz