feat: throw 401 errors when a user doesn't have permissions (#5984)

* feat: throw 401 errors when a user doesn't have permissions * remove pointless message * prepr
2026-05-04 02:46:40 -07:00
parent b53887997c
commit 7d6f77bebf
9 changed files with 236 additions and 98 deletions
@@ -0,0 +1,13 @@
+import { isStaff } from '@modrinth/utils'
+
+export default defineNuxtRouteMiddleware(async () => {
+	const auth = await useAuth()
+
+	if (!auth.value.user || !isStaff(auth.value.user)) {
+		throw createError({
+			fatal: true,
+			statusCode: 401,
+			statusMessage: 'Unauthorized',
+		})
+	}
+})