casbin
    TypeScript icon, indicating that this package has built-in type declarations

    5.11.5 • Public • Published

    Node-Casbin

    NPM version NPM download install size codebeat badge GitHub Actions Coverage Status Release Gitter

    News: still worry about how to write the correct node-casbin policy? Casbin online editor is coming to help!

    casbin Logo

    node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.

    All the languages supported by Casbin:

    golang java nodejs php
    Casbin jCasbin node-Casbin PHP-Casbin
    production-ready production-ready production-ready production-ready
    python dotnet c++ rust
    PyCasbin Casbin.NET Casbin-CPP Casbin-RS
    production-ready production-ready beta-test production-ready

    Documentation

    https://casbin.org/docs/en/overview

    Installation

    # NPM
    npm install casbin --save
    
    # Yarn
    yarn add casbin

    Get started

    New a node-casbin enforcer with a model file and a policy file, see Model section for details:

    // For Node.js:
    const { newEnforcer } = require('casbin');
    // For browser:
    // import { newEnforcer } from 'casbin';
    
    const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');

    Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.

    Add an enforcement hook into your code right before the access happens:

    const sub = 'alice'; // the user that wants to access a resource.
    const obj = 'data1'; // the resource that is going to be accessed.
    const act = 'read'; // the operation that the user performs on the resource.
    
    // Async:
    const res = await enforcer.enforce(sub, obj, act);
    // Sync:
    // const res = enforcer.enforceSync(sub, obj, act);
    
    if (res) {
      // permit alice to read data1
    } else {
      // deny the request, show an error
    }

    Besides the static policy file, node-casbin also provides API for permission management at run-time. For example, You can get all the roles assigned to a user as below:

    const roles = await enforcer.getRolesForUser('alice');

    See Policy management APIs for more usage.

    Policy management

    Casbin provides two sets of APIs to manage permissions:

    • Management API: the primitive API that provides full support for Casbin policy management.
    • RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.

    Official Model

    https://casbin.org/docs/en/supported-models

    Policy persistence

    https://casbin.org/docs/en/adapters

    Policy consistence between multiple nodes

    https://casbin.org/docs/en/watchers

    Role manager

    https://casbin.org/docs/en/role-managers

    Contributors

    This project exists thanks to all the people who contribute.

    Backers

    Thank you to all our backers! 🙏 [Become a backer]

    Sponsors

    Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

    License

    This project is licensed under the Apache 2.0 license.

    Contact

    If you have any issues or feature requests, please contact us. PR is welcomed.

    Keywords

    none

    Install

    npm i casbin

    Homepage

    casbin.org

    DownloadsWeekly Downloads

    20,698

    Version

    5.11.5

    License

    Apache-2.0

    Unpacked Size

    530 kB

    Total Files

    214

    Last publish

    Collaborators

    • dreamdevil00
    • nodece
    • hsluoyz
    • chalin
    • kingiw
    • zxilly