refactor: extract admin auth gate into requireAdmin() helper

[cleanjunc]

Summary

The same session check, is_admin check, and 401/403 response pair was duplicated across five admin API routes. This PR pulls that gate into a single requireAdmin() helper in src/lib/auth.ts and updates the affected routes to call it.

The helper returns { session, user } on success and a NextResponse (401 or 403) on failure, which slots cleanly into the existing early return pattern at each call site:

const gate = await requireAdmin();
if (gate instanceof NextResponse) return gate;
const { user: me } = gate;

Routes migrated:

• src/app/api/admin/users/route.ts
• src/app/api/admin/users/[id]/approve/route.ts
• src/app/api/admin/users/[id]/promote/route.ts
• src/app/api/admin/users/[id]/reject/route.ts
• src/app/api/admin/pending-count/route.ts

No behaviour change: status codes, response bodies, and the actor passed to approveUser / promoteUser / rejectUser all match the originals.

Related Issues

Closes #160

Type of Change

• Bug fix
• New feature
• Enhancement
• Refactor
• Documentation
• Other (describe):

Testing

• pnpm build passes
• Manual browser smoke test (for UI changes)
• N/A — docs / config only

Also verified with npx tsc --noEmit and eslint on the touched files. Admin endpoints still return 401 for unauthenticated callers, 403 for non-admins, and 200 for admins, matching pre-refactor behaviour.

Checklist

• Self-reviewed the diff
• Follows existing code patterns and naming
• No unrelated changes included
• Documentation updated if behavior changed

Summary by CodeRabbit

• Refactor
  • Streamlined admin API authorization patterns by consolidating common access verification logic across endpoints, improving code maintainability and consistency.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 7f458865-d143-4b8d-8b17-762f82584c29

📥 Commits

Reviewing files that changed from the base of the PR and between aab5b71 and 2fdbc6e.

📒 Files selected for processing (6)

• src/app/api/admin/pending-count/route.ts
• src/app/api/admin/users/[id]/approve/route.ts
• src/app/api/admin/users/[id]/promote/route.ts
• src/app/api/admin/users/[id]/reject/route.ts
• src/app/api/admin/users/route.ts
• src/lib/auth.ts

---

📝 Walkthrough

Walkthrough

This PR extracts repeated admin authorization logic from five separate API routes into a centralized requireAdmin() helper, then refactors each route to use it. The helper handles session validation and admin-status checks, returning an authorized user context or a NextResponse gate on failure.

Changes

Admin Auth Gate Extraction

Layer / File(s)	Summary
requireAdmin() helper in auth module src/lib/auth.ts	src/lib/auth.ts imports NextResponse and SessionPayload, then exports a new requireAdmin() async function that verifies the request's session cookie, returning a 401 NextResponse if no valid session exists, a 403 NextResponse if the associated user is missing or not an admin, and otherwise a { session, user } object for authorized requests.
Apply requireAdmin() to admin routes src/app/api/admin/pending-count/route.ts, src/app/api/admin/users/[id]/approve/route.ts, src/app/api/admin/users/[id]/promote/route.ts, src/app/api/admin/users/[id]/reject/route.ts, src/app/api/admin/users/route.ts	Each of the five admin routes updates its imports to use requireAdmin() and replaces inline session/admin checks with an awaited requireAdmin() call. Handlers now return the NextResponse immediately if authorization fails, or extract the current admin user and proceed with route-specific logic.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

A rabbit hops through tangled auth,
Five routes sang the same old song—
Now one shared gate keeps guard 'cross both,
Duplication's gone, security strong! 🐰✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the primary change: extracting duplicated admin authentication logic into a shared requireAdmin() helper function.
Linked Issues check	✅ Passed	All objectives from issue #160 are met: requireAdmin() helper created in src/lib/auth.ts returning correct types, all five routes migrated to use it, no behavioral changes to response codes or request handling.
Out of Scope Changes check	✅ Passed	All changes are directly related to the stated objective: extracting admin auth logic into requireAdmin() and updating routes to use it; no unrelated modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

src/app/api/admin/pending-count/route.ts

ESLint skipped: missing config or dependency (missing-dependency). The ESLint configuration references a package that is not available in the sandbox.

src/app/api/admin/users/[id]/approve/route.ts

ESLint skipped: the ESLint configuration for this file references a package that is not available in the sandbox.

src/app/api/admin/users/[id]/promote/route.ts

ESLint skipped: the ESLint configuration for this file references a package that is not available in the sandbox.

• 3 others

Warning

Review ran into problems

🔥 Problems

Stopped waiting for pipeline failures after 30000ms. One of your pipelines takes longer than our 30000ms fetch window to run, so review may not consider pipeline-failure results for inline comments if any failures occurred after the fetch window. Increase the timeout if you want to wait longer or run a @coderabbit review after the pipeline has finished.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}