Now we can check if user is admin. This has to be set manually and now only is used for fetching torrents.

seasoned_api/src/database/schemas/setup.sql

@@ -2,6 +2,7 @@ CREATE TABLE IF NOT EXISTS user (
     user_name varchar(127) UNIQUE,
     password varchar(127),
     email varchar(127) UNIQUE,
+    admin boolean DEFAULT 0,
     primary key (user_name)
 );
 

seasoned_api/src/webserver/middleware/mustBeAdmin.js

@@ -0,0 +1,26 @@
+const establishedDatabase = require('src/database/database');
+
+const mustBeAdmin = (req, res, next) => {
+   let database = establishedDatabase;
+
+   if (req.loggedInUser === undefined) {
+      return res.status(401).send({
+         success: false,
+         error: 'You must be logged in.',
+      });
+   } else {
+      database.get(`SELECT admin FROM user WHERE user_name IS ?`, req.loggedInUser.username)
+      .then((isAdmin) => {
+         if (isAdmin.admin == 0) {
+            return res.status(401).send({
+               success: false,
+               error: 'You must be logged in as a admin.'
+            })
+         }
+      })
+   }
+
+   return next();
+};
+
+module.exports = mustBeAdmin;