aboutsummaryrefslogtreecommitdiffstats
path: root/backend/src/routes/admin.ts
diff options
context:
space:
mode:
Diffstat (limited to 'backend/src/routes/admin.ts')
-rw-r--r--backend/src/routes/admin.ts10
1 files changed, 5 insertions, 5 deletions
diff --git a/backend/src/routes/admin.ts b/backend/src/routes/admin.ts
index 1950715..63d6ccf 100644
--- a/backend/src/routes/admin.ts
+++ b/backend/src/routes/admin.ts
@@ -7,13 +7,9 @@ export const handleCreateGame = async (req: express.Request, res: express.Respon
return res.status(401).json({ error: 'Authentication required' });
}
- if (req.session.userId !== 1){
- return res.status(403).json({ error: 'Unauthorized. You are not the admin of this instance' });
- }
-
const user = await prisma.user.findUnique({
where: { id: req.session.userId },
- select: { id: true, username: true, email: true }
+ select: { id: true, username: true, isAdmin: true }
});
if (!user) {
@@ -22,6 +18,10 @@ export const handleCreateGame = async (req: express.Request, res: express.Respon
});
return res.status(401).json({ error: 'Invalid session' });
}
+
+ if (user.id !== 1 && !user.isAdmin) {
+ return res.status(403).json({ error: 'Unauthorized. You are not an admin of this instance' });
+ }
const { gameInternalName, gameFormattedName, gameDescription } = req.body;
if (!gameInternalName || !gameFormattedName || !gameDescription) {
send patches to the email below
yukais@pinapelz.com
include the subject [PATCH repo_name]
pinapelz.com
homepage