From 72f5731adeebf8d76c5c2dcc266f600ba57812d8 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Sat, 10 Oct 2020 17:05:27 +0200
Subject: Added basic admin interface

---
 auth/index.js | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

(limited to 'auth/index.js')

diff --git a/auth/index.js b/auth/index.js
index 1ea6290..40062cc 100644
--- a/auth/index.js
+++ b/auth/index.js
@@ -4,14 +4,24 @@ const db = require("../db");
 
 const app = express.Router();
 
-// TODO: Change passwords
-// TODO: Login (+ Frontend, cookie, etc)
-
 function checkUser(req, res, next) {
     if (req.session.loggedIn) next();
     else res.redirect("/auth");
 }
 
+function checkAdmin(req, res, next) {
+    if (!req.session.loggedIn) res.redirect("/auth");
+
+    try {
+        db.query("SELECT is_admin FROM users WHERE id = ?", [req.session.uid]).then((ret) => {
+            if (ret[0].is_admin == 1) next();
+            else res.redirect("/");
+        });
+    } catch (e) {
+        res.redirect("/");
+    }
+}
+
 app.use(
     "/",
     (req, res, next) => {
@@ -81,4 +91,4 @@ app.get("/api/list", checkUser, async (req, res) => {
 
 app.get("/api/status", (req, res) => res.json({ loggedIn: req.session.loggedIn }));
 
-module.exports = { auth: app, checkUser };
+module.exports = { auth: app, checkUser, checkAdmin };
-- 
cgit v1.2.3