From 73a24af2795d35fcffebc05bc33ae53cae40ac5c Mon Sep 17 00:00:00 2001
From: Miodec <jack@monkeytype.com>
Date: Tue, 27 Jun 2023 17:03:33 +0200
Subject: [PATCH] admin validation

---
 backend/src/api/routes/admin.ts | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/backend/src/api/routes/admin.ts b/backend/src/api/routes/admin.ts
index eaf12c40c..9097ace42 100644
--- a/backend/src/api/routes/admin.ts
+++ b/backend/src/api/routes/admin.ts
@@ -5,10 +5,12 @@ import {
   asyncHandler,
   checkIfUserIsAdmin,
   validateConfiguration,
+  validateRequest,
 } from "../../middlewares/api-utils";
 import * as AdminController from "../controllers/admin";
 import { adminLimit } from "../../middlewares/rate-limit";
 import { toggleBan } from "../controllers/user";
+import joi from "joi";
 
 const router = Router();
 
@@ -38,6 +40,11 @@ router.post(
     noCache: true,
   }),
   checkIfUserIsAdmin(),
+  validateRequest({
+    body: {
+      uid: joi.string().required().token(),
+    },
+  }),
   asyncHandler(toggleBan)
 );