From c27ad19499c0180fcc16f850a398fc47794cce75 Mon Sep 17 00:00:00 2001
From: Ethan Girouard
Date: Sat, 18 May 2024 20:43:26 -0400
Subject: [PATCH] Prevent arbitrary admin user creation
---
 src/auth.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/auth.rs b/src/auth.rs
index 2eda7cf..20de5c3 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -21,9 +21,10 @@ use crate::users::UserCredentials;
 pub async fn signup(new_user: User) -> Result<(), ServerFnError> {
 use crate::users::create_user;
- // Ensure the user has no id
+ // Ensure the user has no id, and is not a self-proclaimed admin
 let new_user = User {
 id: None,
+ admin: false,
 ..new_user
 };
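Review bot: The `..new_user` spread in `signup` still copies every other field of the client-supplied `User` unchanged, so this fix is a deny-list: any privileged field added to `User` later is attacker-controlled at signup unless someone remembers to reset it here too. An allow-list is safer. Either have `signup` accept a dedicated input type that carries only what a new account may choose (possibly the `UserCredentials` type imported above, if its fields fit), or build the `User` by naming each accepted field and drop the spread. If the spread stays, at least record the invariant next to it, e.g. `// SECURITY: new_user is client-supplied; every privileged field of User must be overridden above the spread`. It is also worth confirming that `create_user` and any profile-update path do not accept `admin` from the request either. The rest of `signup` lies outside this hunk, so later uses of `new_user` could not be checked.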