26 lines
713 B
JavaScript
26 lines
713 B
JavaScript
const logger = require("../utils/logger");
|
|
const adminEmail = require("../utils/adminEmail");
|
|
|
|
/**
|
|
* Validate admin middleware
|
|
* It adds the following properties to the request object:
|
|
* - req.isAdmin - returns true if the user passed an admin check
|
|
* @param req
|
|
* @param res
|
|
* @param next
|
|
* @returns {*}
|
|
*/
|
|
const validateAdminMiddleware = (req, res, next) => {
|
|
if (!adminEmail.includes(req.user.email) && !req.user.ioadmin) {
|
|
logger.log("admin-validation-failed", "ERROR", req.user.email, null, {
|
|
request: req.body,
|
|
user: req.user,
|
|
});
|
|
return res.sendStatus(404);
|
|
}
|
|
|
|
req.isAdmin = true;
|
|
next();
|
|
};
|
|
|
|
module.exports = validateAdminMiddleware; |