Currently there is a file called firebase_auth.go (I think?) in /middleware. This file should be improved to act as a gatekeeper to different routes, or (maybe?) different permissions per handler. Currently, it gatekeepers admin and any other non-admin role between routes they're allowed in and not. mod and mod<some sort of school specific identifier> roles should also be added, alongside ways for admins to adjust and remove mod roles. This will be done by altering a Firebase user's authentication token and adding a custom payload. An example, again, for how to alter custom data is in firebase_auth.go.

I'm not super sure how this should be implemented, so I think it would be best to first watch some videos or view other content to learn how a good admin-mod-specific_school_mod-general_user role-based authorization system can be implemented.