feat(auth): add RequireAdmin middleware for /api/admin/* routes

Replaces the old X-API-Token-based RequireAdmin in middleware.go with a
context-aware RequireAdmin() that runs after RequireUser, checks
user.IsAdmin, and returns 403 {"error":"not_authorized"} for non-admins
or 500 {"error":"internal_error"} if RequireUser was bypassed. Updates
server.go to mount RequireUser then RequireAdmin on the /api/admin group.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-04-29 17:27:47 -04:00
parent f73a5ccef5
commit 4492826354
4 changed files with 144 additions and 39 deletions
+2 -1
View File
@@ -57,7 +57,8 @@ func (s *Server) Router() http.Handler {
)
api.Mount(r, s.Pool, s.Logger, writer, s.RecommendationCfg)
r.Route("/api/admin", func(admin chi.Router) {
admin.Use(auth.RequireAdmin(s.Pool))
admin.Use(auth.RequireUser(s.Pool))
admin.Use(auth.RequireAdmin())
if s.Scanner != nil {
admin.Post("/scan", s.handleAdminScan)
}