RBAC-based authorization library for node
$ npm install auth-rbac
// Load the core library, then attach each plugin to it under the name the
// rest of this example uses. The assignments mutate the object returned by
// require('auth-rbac').
var authRbac = require('auth-rbac');
var mongoosePlugin = require('auth-rbac-mongoose');
authRbac.mongoose = mongoosePlugin;
var httpBasicPlugin = require('auth-rbac-http-basic');
authRbac.httpBasic = httpBasicPlugin;

// Application models that the routes below resolve to.
var User = require('./models/users');
var Group = require('./models/groups');

var Route = mongoosePlugin.Route;

// Shape of the credentials the chain starts from: a name and a password.
// NOTE(review): this snippet does not show how `pass` is checked against the
// stored user record. Confirm in auth-rbac-mongoose that it is verified
// against a salted password hash and never against a plaintext field.
var credentialShape = { name: String, pass: String };
var credRoute = new Route(credentialShape);

// credentials -> User (presumably matched on the `user` field via `name`).
var userRoute = credRoute
  .field('user')
  .linkWith('name')
  .gives(User);

// User -> Group, following the `group_id` reference; the group acts as the role.
var roleRoute = userRoute
  .field('group_id')
  .dbRef
  .gives(Group);

// Group -> list of privilege names stored in `privs`.
var privRoute = roleRoute
  .field('privs')
  .gives([String]);

// Authorization object built from the three routes; the middleware factories
// (httpBasic, requirePrivilege) take it as their first argument.
var auth = authRbac.mongoose(userRoute, roleRoute, privRoute);
var express = require('express');
var app = express();

// Register authentication with app.use before any route, so Express runs it
// ahead of every handler declared below.
// HTTP Basic sends the name and password base64-encoded, not encrypted, on
// every request: serve this application over TLS only.
// 'example' is presumably the realm shown in the browser prompt.
var basicAuth = authRbac.httpBasic(auth, 'example');
app.use(basicAuth);

/**
 * Runs only after the 'resource-list' privilege check has passed.
 */
function sendAccessGranted(req, res) {
  res.send('Access granted');
}

// NOTE(review): only the granted path is handled here. Confirm what the
// library answers by default when the caller is unauthenticated or lacks the
// privilege, so that the route fails closed.
var requireResourceList = authRbac.requirePrivilege(auth, 'resource-list', {
  onAccessGranted: sendAccessGranted
});
app.get('/resources', requireResourceList);
For a better experience, you should make use of auth-rbac plugins, such as:
You are encouraged to contribute your own plugins. If you do, let me know so that I can list them here with the others.
// Skeleton for using auth-rbac without a storage plugin: the application
// supplies the three lookups itself. Each hook receives a callback `cb`; its
// exact signature is not shown in this snippet.
var rbacHooks = {};

rbacHooks.authenticateUser = function (creds, cb) {
  // Yield the user info for valid credentials, or null otherwise.
  // Compare against a stored password hash and give the same null result for
  // an unknown user as for a wrong password.
};

rbacHooks.userGetRole = function (user, cb) {
  // Yield the role info for this user, or null when there is none.
};

rbacHooks.roleHasPrivilege = function (role, priv, cb) {
  // Yield whether the role holds the privilege.
  // Fail closed: treat a lookup error or an unknown privilege as "no".
};

var auth = authRbac(rbacHooks);
// Generic authentication middleware: the application decides where the
// credentials come from and how the client is asked for them.
var credentialHooks = {};

credentialHooks.extractCredentials = function (req) {
  // Return the credentials found in the request, or null when there are none.
  // Keep the extracted values out of logs and error messages.
};

credentialHooks.askForCredentials = function (res) {
  // Ask the client for credentials, e.g. res.sendStatus(401).
  // A 401 response is expected to carry a WWW-Authenticate header naming the
  // scheme, so set that header before sending the status.
};

app.use(authRbac.authenticate(auth, credentialHooks));