aboutsummaryrefslogtreecommitdiff
path: root/src/api/structures
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/structures')
-rw-r--r--src/api/structures/Route.js3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/api/structures/Route.js b/src/api/structures/Route.js
index 60c8b06..a359488 100644
--- a/src/api/structures/Route.js
+++ b/src/api/structures/Route.js
@@ -33,7 +33,7 @@ class Route {
return JWT.verify(token, process.env.SECRET, async (error, decoded) => {
if (error) {
log.error(error);
- return res.status(401).json({ message: 'Your token appears to be invalid' });
+ return res.status(401).json({ message: 'Invalid token' });
}
const id = decoded ? decoded.sub : '';
const iat = decoded ? decoded.iat : '';
@@ -42,6 +42,7 @@ class Route {
if (!user) return res.status(401).json({ message: 'Invalid authorization' });
if (iat && iat < moment(user.passwordEditedAt).format('x')) return res.status(401).json({ message: 'Token expired' });
if (!user.enabled) return res.status(401).json({ message: 'This account has been disabled' });
+ if (this.options.adminOnly && !user.isAdmin) return res.status(401).json({ message: 'Invalid authorization' });
return this.run(req, res, db, user);
});
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-14 20:27:58 +0000