Altered API, read more

I moved /auth/account/privilege to /admin/privilege

I also fixed PATCH and DELETE on /account

server/admin/account-privilege.js

@@ -0,0 +1,20 @@
+const { accounts } = require('../database/models');
+
+//auth/account/privilege
+const route = async (req, res) => {
+	const updated = await accounts.update({
+		privilege: req.body.privilege
+	}, {
+		where: {
+			username: req.body.username
+		}
+	});
+
+	if (updated < 1) {
+		return res.status(403).send(`Unknown account`);
+	}
+
+	return res.status(200).end();
+};
+
+module.exports = route;

server/admin/index.js

@@ -1,3 +1,22 @@
-module.exports = {
-	defaultAccount: require('./default-account')
-};
+const express = require('express');
+const router = express.Router();
+
+//middleware
+const tokenAuth = require('../utilities/token-auth');
+
+router.use(tokenAuth);
+router.use((req, res, next) => {
+	//check the user's privilege
+	if (req.user.privilege != 'administrator') {
+		return res.status(401).send('Admins only');
+	}
+
+	next();
+});
+
+require('./default-account')(); //generate the default accouunt
+
+//basic route management
+router.patch('/privilege', require('./account-privilege'));
+
+module.exports = router;