feat(api): Expose the update user API in the openapi specs

1 files changed, 22 insertions, 0 deletions

diff --git a/packages/api/middlewares/auth.ts b/packages/api/middlewares/auth.ts
index 42bca6c8..92f591ad 100644
--- a/packages/api/middlewares/auth.ts
+++ b/packages/api/middlewares/auth.ts
@@ -35,3 +35,25 @@ export const authMiddleware = createMiddleware<{
   c.set("api", createCaller(c.get("ctx")));
   await next();
 });
+
+export const adminAuthMiddleware = createMiddleware<{
+  Variables: {
+    ctx: AuthedContext;
+    api: ReturnType<typeof createCaller>;
+  };
+}>(async (c, next) => {
+  if (!c.var.ctx || !c.var.ctx.user || c.var.ctx.user === null) {
+    throw new HTTPException(401, {
+      message: "Unauthorized",
+    });
+  }
+
+  if (c.var.ctx.user.role !== "admin") {
+    throw new HTTPException(403, {
+      message: "Forbidden - Admin access required",
+    });
+  }
+
+  c.set("api", createCaller(c.get("ctx")));
+  await next();
+});