0.0.13 • Published 9 years ago
rac v0.0.13
RAC
Resource based access control for nodejs
Rac uses mongodb for storing resource information and redisdb for caching resources for runtime.
It requires property roleId to be loaded in request object. For example :
req.session = {};
req.session.roleId = 2;
So you have to have middleware in front of rac that loads role for every request
#Quick start
var redisClient = require('redis').createClient(6379, 'localhost'),
MongoClient = MongoClient = require('mongodb').MongoClient;
mongoclient = new MongoClient(new Server("localhost", 27017), {native_parser: true});
;
var Rac = require('rac'); //load rac
var rac = Rac(mongoClient, redisClient);
rac.defineResource({
uri : '/users/:userId',
verb : 'GET',
name : 'Read user',
description : 'API endpoint that reads all the users',
roles : [
{
roleId : 2,
constraints : ["isOwner"]
}
]
});
app.get('/users/:userId', roleLoadingMiddleware(), rac.middleware('/users/:userId'), function(req, res){
//your code
});