diff options
| author | Pinapelz <yukais@pinapelz.com> | 2025-09-03 21:45:38 -0700 |
|---|---|---|
| committer | Pinapelz <yukais@pinapelz.com> | 2025-09-03 21:45:38 -0700 |
| commit | 159cac6460fb2a42456c6f9a44cbcdb03b938823 (patch) | |
| tree | fb39937774a9bdf99f932b2df6bcab433dcfe4bb /backend/src | |
| parent | c8bae6ab79a32da0fe745ebb9401e14f86c1f0d8 (diff) | |
implement admin dashboard frontend and handle game creation
Diffstat (limited to 'backend/src')
| -rw-r--r-- | backend/src/routes/admin.ts | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/backend/src/routes/admin.ts b/backend/src/routes/admin.ts index 1950715..63d6ccf 100644 --- a/backend/src/routes/admin.ts +++ b/backend/src/routes/admin.ts @@ -7,13 +7,9 @@ export const handleCreateGame = async (req: express.Request, res: express.Respon return res.status(401).json({ error: 'Authentication required' }); } - if (req.session.userId !== 1){ - return res.status(403).json({ error: 'Unauthorized. You are not the admin of this instance' }); - } - const user = await prisma.user.findUnique({ where: { id: req.session.userId }, - select: { id: true, username: true, email: true } + select: { id: true, username: true, isAdmin: true } }); if (!user) { @@ -22,6 +18,10 @@ export const handleCreateGame = async (req: express.Request, res: express.Respon }); return res.status(401).json({ error: 'Invalid session' }); } + + if (user.id !== 1 && !user.isAdmin) { + return res.status(403).json({ error: 'Unauthorized. You are not an admin of this instance' }); + } const { gameInternalName, gameFormattedName, gameDescription } = req.body; if (!gameInternalName || !gameFormattedName || !gameDescription) { |