From 57e78d8118bd2799b592a327e7abbde8d4a36b5c Mon Sep 17 00:00:00 2001
From: OH-GITAEK <dhrlxor1512@gmail.com>
Date: Tue, 28 May 2024 12:40:26 +0900
Subject: [PATCH] #5 [feat] create check admin middlewares

---
 api/middlewares/admin.js | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 api/middlewares/admin.js

diff --git a/api/middlewares/admin.js b/api/middlewares/admin.js
new file mode 100644
index 0000000..784fdb2
--- /dev/null
+++ b/api/middlewares/admin.js
@@ -0,0 +1,11 @@
+const adminMiddleware = (req, res, next) => {
+  if (!req.user) {
+    return res.status(403).json({ message: "Access denied, empty user" });
+  }
+  if (!req.user.isAdmin) {
+    return res.status(403).json({ message: "Access denied, admin only" });
+  }
+  next();
+};
+
+module.exports = adminMiddleware;