admin static method

Future admin(HttpRequest request, Future<void> next())

Middleware that restricts access to users with the admin role.

Requests from unauthenticated users or authenticated users without the admin role receive a forbidden response.

Example:

router.get(
  '/admin',
  handler: (request) async => adminController.index(request),
  middleware: [Role.admin],
);

Implementation

static Future<dynamic> admin(HttpRequest request, Future<void> Function() next) async {

  final user = await request.user;

  if (user == null) {
    return request.forbidden();
  }

  if (!await user.hasRole(.admin)) {
    return request.forbidden();
  }

  await next();
}