Altered API, read more

I moved /auth/account/privilege to /admin/privilege

I also fixed PATCH and DELETE on /account

server/admin/account-privilege.js

@@ -2,11 +2,6 @@ const { accounts } = require('../database/models');
 
 //auth/account/privilege
 const route = async (req, res) => {
-	//check the user's privilege
-	if (req.user.privilege != 'administrator') {
-		return res.status(401).send('Only admins can change privilege');
-	}
-
 	const updated = await accounts.update({
 		privilege: req.body.privilege
 	}, {

server/admin/index.js

@@ -1,3 +1,22 @@
-module.exports = {
-	defaultAccount: require('./default-account')
-};
+const express = require('express');
+const router = express.Router();
+
+//middleware
+const tokenAuth = require('../utilities/token-auth');
+
+router.use(tokenAuth);
+router.use((req, res, next) => {
+	//check the user's privilege
+	if (req.user.privilege != 'administrator') {
+		return res.status(401).send('Admins only');
+	}
+
+	next();
+});
+
+require('./default-account')(); //generate the default accouunt
+
+//basic route management
+router.patch('/privilege', require('./account-privilege'));
+
+module.exports = router;

server/auth/index.js

@@ -17,10 +17,8 @@ router.use(tokenAuth);
 
 //basic account management (needs a token)
 router.delete('/logout', require('./logout'));
-router.get('/account', require('./account'));
-router.patch('/update', require('./update'));
-router.delete('/deletion', require('./deletion'));
-
-router.patch('/account/privilege', require('./account-privilege'));
+router.get('/account', require('./account-query'));
+router.patch('/account', require('./account-update'));
+router.delete('/account', require('./account-delete'));
 
 module.exports = router;

server/server.js

@@ -15,8 +15,8 @@ app.use(cors());
 //database connection
 const database = require('./database');
 
-const admin = require('./admin');
-admin.defaultAccount();
+//access the admin
+app.use('/admin', require('./admin'));
 
 //access the auth
 app.use('/auth', require('./auth'));