authorizer-lasser v0.1.2

authorizer

Lightweight connect based authorization middleware.

This library was extracted from an internal project where our authorization requirements where extremely simple. Large and more feature-rich libraries seemed like overkill. We also wanted something that is expressive and consistent with express.js' routes.

###Installation

npm install authorizer --save

###Example

This example makes use of passport.js for authentication

var express    = require('express')
var passport   = require('passport');
var authorizer = require('authorizer');

var routes = [
	{method : 'delete',   path : '/api*',         check : function(req) {return req.user.isAdmin();}},
	{method : 'post',     path : '/api/resource', check : function(req) {return req.user.isAdmin();}},
	{method : 'post',     path : '/api/auth*',    check : authorizer.assertAlwaysOpen},
	{method : 'get,post', path : '/api*',         check : function(req) {return req.isAuthenticated();}},
	{method : '*',        path : '*',             check : authorizer.assertAlwaysClosed}
];
	
app.configure(function() {
	app.passport = passport;

	app.use(express.bodyParser());
	app.use(express.methodOverride());

	app.use(express.cookieParser()); 
	app.use(express.session({ secret: 'Some secret' })); 
	app.use(passport.initialize());
	app.use(passport.session());

	app.use(authorizer(routes));
	app.use(app.router);
});