0.1.1 • Published 10 years ago

facet-gatekeeper v0.1.1

Weekly downloads
1
License
MIT
Repository
github
Last release
10 years ago

gatekeeper

Node.js and MongoDB authentication and role based access control system. Key features are:

  • framework agnostic but exposes middleware functions that integrate easily with existing frameworks (such as ExpressJS, Koa and Flatiron). alpha note: only express style middleware is currently supported
  • provides API authentication via basic auth or JSON web tokens (jwt)
  • provides customer/account authentication
  • exposes robust schemas that include custom data fields
  • optionally extend users and roles with custom permission levels per action
  • decoupled, event driven communication between modules allowing custom replacements to be dropped in
  • support for multi tenant applications

When combined with other Facet modules (such as response and catalog) fully featured JSON APIs can be exposed out of the box with no customization required.

There are two main ways of using this module:

  1. In auto route binding mode, resulting in complete CRUD JSON web service out of the box.
  2. As a standalone library in custom piecemeal integrations (no auto route binding).

This module is currently in beta. See the TODO section for details on missing functionality

Examples

Auto route binding

coming soon...

Standalone usage

coming soon...

Setup

The following steps will get gatekeeper running locally:

  1. Install mongodb and start the service.
  2. run npm install facet-gatekeeper --save in your project's root directory

You'll likely want to secure some or all of your API. To setup your first API user run node install and answer the prompts.

Set GatekeeperAPI.apiAuthMiddleware() to be used by your app/router. If you're creating an express app, you can do so by adding app.use(GatekeeperAPI.apiAuthMiddleware());. Be sure to include that middleware call before declaring/binding any routes you wish to restrict access to.

If you don't want to require api authentication for usage you should instead use GatekeeperAPI.facetInit() to initialize the module with the request lifecycle objects. The facetInit() function is available to all facet modules and only needs to be used once, regardless of the number of facet modules in use.

Configuration

See docs.

API

Events emitted/subscribed to

See docs.

CRUD functions

See docs.

Overriding default functionality

coming soon

TODO

  • bug fixes
  • custom validation for multitenancy
  • set up related model routes (ie /users//groups)
  • write middleware for koa and flatiron
  • implement password retrieval
  • implement oauth
  • finish writing unit tests
  • provide sample applications
facetfacet-gatekeepergatekeeperauthuseraccessauthentication
asyncbcryptfacet-corefacet-intercomjwt-simplemongoosemongoose-treenode-uuidpromptunderscore
@infinitebrahmanuniverse/nolb-fac@everything-registry/sub-chunk-1644@zalastax/nolb-fac
0.1.1

10 years ago

0.1.0

10 years ago