admtracksteel/GPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: remove requireAdmin from users route

Browse Source
This commit is contained in:
admtracksteel
2026-04-02 16:35:47 +00:00
parent 08e2e97b2c
commit f73b011015
1 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/server/routes/userRoutes.ts
View File

@@ -1,21 +1,20 @@
import express from 'express'; import express from 'express';
import { syncUser, getCurrentUser, getAllUsers, updateUserRole, toggleBanUser, heartbeat, getActiveUsers, deleteUser } from '../controllers/userController.js'; import { syncUser, getCurrentUser, getAllUsers, updateUserRole, toggleBanUser, heartbeat, getActiveUsers, deleteUser } from '../controllers/userController.js';
import { extractUser, requireAdmin } from '../middleware/authMiddleware.js'; import { extractUser } from '../middleware/authMiddleware.js';
const router = express.Router(); const router = express.Router();
// Public routes (no auth required)
// Get current user (requires extractUser middleware) router.get('/', getAllUsers);
router.get('/me', extractUser, getCurrentUser); router.get('/me', extractUser, getCurrentUser);
// Heartbeat & Presence // Heartbeat & Presence
router.post('/heartbeat', extractUser, heartbeat); router.post('/heartbeat', extractUser, heartbeat);
router.get('/active', extractUser, getActiveUsers); router.get('/active', extractUser, getActiveUsers);
// Admin-only routes // Admin routes
router.get('/', extractUser, requireAdmin, getAllUsers); router.patch('/:id/role', extractUser, updateUserRole);
router.patch('/:id/role', extractUser, requireAdmin, updateUserRole); router.patch('/:id/ban', extractUser, toggleBanUser);
router.patch('/:id/ban', extractUser, requireAdmin, toggleBanUser); router.delete('/:id', extractUser, deleteUser);
router.delete('/:id', extractUser, requireAdmin, deleteUser);
export default router; export default router;