torn-egg-authz

egg-authz is an authorization middleware for Egg.js

Usage no npm install needed!

<script type="module">
  import tornEggAuthz from 'https://cdn.skypack.dev/torn-egg-authz';
</script>

README

Egg-Authz

NPM version NPM download codebeat badge Build Status Coverage Status Gitter

Egg-Authz is an authorization middleware for Egg, it's based on Node-Casbin: https://github.com/casbin/node-casbin.

1. Installation

npm install --save egg-authz

2. Create a file in middleware directory to import the module.

// app/middleware/authz.js
module.exports = require('egg-authz')
// config/config.default.js
const { Enforcer } = require('casbin')
module.exports = {
  middleware: [ 'authz' ],
  authz: {
    enable: true,
    newEnforcer: async() => {
      // load the casbin model and policy from files, database is also supported.
      const enforcer = await Enforcer.newEnforcer('authz_model.conf', 'authz_policy.csv')
      return enforcer
    }
  }
}

3. Enable the middleware in your config files.

How to control the access

The authorization determines a request based on {subject, object, action}, which means what subject can perform what action on what object. In this plugin, the meanings are:

  1. subject: the logged-on user name
  2. object: the URL path for the web resource like "dataset1/item1"
  3. action: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like "read-file", "write-blog"

For how to write authorization policy and other details, please refer to the Casbin's documentation.

Getting Help

License

This project is licensed under the Apache 2.0 license.