mirror of
https://github.com/Bubka/2FAuth.git
synced 2024-12-13 02:31:41 +01:00
14 lines
398 B
JavaScript
14 lines
398 B
JavaScript
|
/**
|
||
|
|
* Allows an authenticated user to access the route only if he has administrator rights
|
||
|
|
*/
|
||
|
|
export default async function adminOnly({ to, next, nextMiddleware, stores }) {
|
||
|
|
const { user } = stores
|
||
|
|
const { notify } = stores
|
||
|
|
|
||
|
|
if (! user.isAdmin) {
|
||
|
|
let err = new Error('unauthorized')
|
||
|
|
err.response.status = 403
|
||
|
|
notify.error(err)
|
||
|
|
}
|
||
|
|
else nextMiddleware()
|
||
|
|
}
|