1.0.0 • Published 7 years ago

restify-basic-acl v1.0.0

Weekly downloads
14
License
MIT
Repository
github
Last release
7 years ago

restify-basic-acl

Version Downloads

Enable basic role-based ACL on an HTTP-method basis. Great for small applications that manage one or two resources, such as micro-services.

Installation & Usage

After installing restify-basic-acl with npm i --save restify-basic-acl, add it as a Restify plugin:

let restify = require('restify');
let basicAcl = require('restify-basic-acl');

let roles = {
    user: [
        'get',
    ],
    admin: [
        'get',
        'post',
        'put',
        'delete',
    ],
};

let server = restify.createServer();

server
    .use(basicAcl.basicAclPlugin({
        // the header that the authenticated user's info is passed (JSON is auto-decoded)
        // it is then stored in req.user in any future middleware
        userHeader: 'X-User',
        // the header that the authenticated user's roles are passed (comma-separated)
        // they are then stored in req.roles in any future middleware
        rolesHeader: 'X-User-Roles',
        // pass in your permission data here, that one of the user's roles should match
        roles: roles,
        // optionally specify exact routes that should bypass ACL entirely
        unprotectedRoutes: [
            '/health',
        ],
    }, restify))
    .listen(3000);
restifypluginextensionaclpermissions
restify
@everything-registry/sub-chunk-2659@zalastax/nolb-resti
1.0.0

7 years ago

0.1.0

7 years ago

0.0.1

7 years ago