Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-21 02:40:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: re-use logic for admin routes

Browse source
This commit is contained in:
Danny Avila 2025-08-30 11:32:04 -04:00
parent fbe0def2fa
commit a1f9f3dd39
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
7 changed files with 47 additions and 203 deletions
Download patch file Download diff file Expand all files Collapse all files

22
api/server/middleware/requireAdmin.js Normal file
View file

@ -0,0 +1,22 @@
const { SystemRoles } = require('librechat-data-provider');
const { logger } = require('~/config');
/**
* Middleware to check if authenticated user has admin role
* Should be used AFTER authentication middleware (requireJwtAuth, requireLocalAuth, etc.)
*/
const requireAdmin = (req, res, next) => {
if (!req.user) {
logger.warn('[requireAdmin] No user found in request');
return res.status(401).json({ message: 'Authentication required' });
}
if (!req.user.role || req.user.role !== SystemRoles.ADMIN) {
logger.debug('[requireAdmin] Access denied for non-admin user:', req.user.email);
return res.status(403).json({ message: 'Access denied: Admin privileges required' });
}
next();
};
module.exports = requireAdmin;