0.1.4 • Published 8 years ago
@webgap/authorization-utils v0.1.4
WebGAP Authorization Utils
README
WebGAP Authorization module for Express.js
This is the Authorization utilities module for express routes using Role-based Access Control - RBAC.
Dependencies
Handles notifications using @webgap/notifier.
Requirements
Requires passport. Requires express.
API
Installation
npm install @webgap/authorization-utils --saveUsage
It can be used as expressjs middleware:
var Authorizator = require('@webgap/authorization-utils');
var authorizator = new Autorizator();
var Role = Authorizator.Role;
...
// set authorization required to all routes starting with
app.use('/admin', authorizator.isAuthorized([Role.ADMIN]));
app.use('/user', authorizator.isAuthorized([Role.USER]));
app.use('/provider', authorizator.isAuthorized([Role.PROVIDER]));
...
// or apply to individual troutes
app.router.get('/account/settings', authorizator.isAuthorized([Role.USER]), function (req, res) {
res.render('backend/account/settings.html');
});
...Or in the browser with a templating engine as a filter:
<% if (authorizator.hasAccess(user, [authorizator.Role.ADMIN])) { %>
<span>Welcome Administrator!</span>
<% } %>
...Check the tests for more info.
Options
var Authorizator = require('@webgap/authorization-utils');
var options = {
notifier: { // default to @webgap/notifier module
notify: function notify(options, callback) {
console.log(options.notification); //render message as you want
return callback();
}
},
unauthorizedURL: '/unauthorized',
loginURL: '/auth/login',
unauthenticatedMessageKey: 'messages.warning.authentication-required',
unauthorizedMessageKey: 'messages.error.authorization-required'
};
...
var authorizator = new Authorizator(options);
...License
Apache License, Version 2.0