0.1.2 • Published 1 year ago
@gallofeliz/auth v0.1.2
Auth
Authentication/Authorization:
- Support Apache generated credentials
- Authenticate users
- Authorize users/guest(anonym) with authorizations
- Express Middleware with static requiredAuthorization or request generated requiredAuthorization
- Free authorizations nomenclature, example :
import { Auth, createAuthMiddleware } from '.'
const auth = new Auth({
users: [
{ username: 'Paul', password: 'secret', autorisations: ['role-user'] },
{ username: 'Mélanie', password: 'verySecret', autorisations: ['role-admin'] },
{ username: 'admin', password: 'veryVerySecret', autorisations: ['*', '!users.remove-admin'] },
{ username: '33reader', password: 'secret', autorisations: ['blog.read-article[33]'] },
{ username: 'no33reader', password: 'secret', autorisations: ['blog.read-article[*]', '!blog.read-article[33]'] }
],
anonymAutorisations: ['blog.read-*', 'blog.write-public'],
authorizationsExtensions: {
'role-user': ['blog.read-*', 'blog.write-*', 'whoiam'],
'role-admin': ['role-user', 'users.remove-user']
}
})
auth.authenticate('Mélanie', 'test') // AuthenticationError
const Mélanie = auth.authenticate('Mélanie', 'verySecret')
auth.ensureAuthorized(Mélanie, 'users.remove-admin') // AuthorizationError
auth.ensureAuthorized(Mélanie, 'blog.write-article-55')
const server = app()
server.get(
'/whoiam',
createAuthMiddleware({auth, realm: 'abc', requiredAuthorization: 'whoiam'}),
(req, res) => {
res.send(req.user.username)
}
)
server.get(
'/article/:id',
createAuthMiddleware({auth, realm: 'abc', requiredAuthorization: ({params}) => 'blog.read-article[' + params.id + ']'}),
(req, res) => {
res.end()
}
)