summary refs log tree commit diff
path: root/src/api/middlewares/authMiddleware.js
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/middlewares/authMiddleware.js')
-rw-r--r--src/api/middlewares/authMiddleware.js8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/api/middlewares/authMiddleware.js b/src/api/middlewares/authMiddleware.js

index 1187112..8553517 100644
--- a/src/api/middlewares/authMiddleware.js
+++ b/src/api/middlewares/authMiddleware.js
@@ -1,5 +1,5 @@
 import { validateJwtToken } from '#util/jwtUtils.js';
-import { DbUser } from '#db/schemas/index.js';
+import { DbUser, UserType } from '#db/schemas/index.js';
 
 /**
  * @param options {AuthValidationOptions}
@@ -15,6 +15,12 @@ export function validateAuth(options) {
 
         const user = (req.user = await DbUser.findById(auth.id).exec());
 
+        // admin can do everything
+        if (user.type == UserType.ADMIN) {
+            next();
+            return;
+        }
+
         if (options.roles && !options.roles.includes(user.type)) {
             res.status(401).send('Unauthorized');
             return;
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-06-29 23:53:48 +0000