UNPKG

express-guard

Version:

A powerful, operation based, access and permission middleware for Express.

github.com/kevinpiac/express-guard

kevinpiac/express-guard

52 lines (42 loc) 1.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
const express = require('express'); const app = express(); const Guard = require('express-guard'); const guard = new Guard(); const anyone = new Guard.Role('anyone', { can: ['viewHomePage'], func(req) { return true; }, }); const authenticated = new Guard.Role('authenticated', { can: ['viewHomePage', 'viewAuthSection'], // example with an async role func: async (req) => { const userId = await Promise.resolve(req.userId); return !!userId; }, }); const admin = new Guard.Role('admin', { can: ['viewHomePage', 'viewAuthSection', 'viewAdminSection'], }) guard.roles = [admin, anyone, authenticated]; app.use((req, res, next) => { if (req.query.password === 'admin') { req.userId = 'fakeAdminId'; } else { req.userId = null; } next(); }); app.get('/', (req, res) => { res.send('Hello World!') }); app.get('/onlyForAuthenticated', async (req, res, next) => { await guard.requireAny('viewAuthSection')(req, res, next); }, (req, res) => { res.send('Hello Authenticated User!'); }); app.listen(3000, () => { console.log('Example app listening on port 3000!') });