Image now a file

exam/classes/Auth/AdminAuth.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace Khofmann\Auth;
+
+use Exception;
+use Pecee\Http\Middleware\IMiddleware;
+use Pecee\Http\Request;
+use Khofmann\Models\User\User;
+
+class AdminAuth implements IMiddleware
+{
+  public function handle(Request $request): void
+  {
+    $token = $request->getHeader("token");
+
+    // No token
+    if ($token === null) {
+      response()->httpCode(401)->json(["message" => "Not Authorized"]);
+    }
+
+    try {
+      $user = User::getByToken($token);
+      if (!$user->getIsAdmin()) {
+        response()->httpCode(401)->json(["message" => "Not Authorized"]);
+      }
+    } catch (Exception $err) {
+      // No user with this token exists
+      response()->httpCode(401)->json(["message" => "Not Authorized"]);
+    }
+  }
+}