npm install check-user-role
import CheckUserRole from 'check-user-role'
const checkUserRole = CheckUserRole({
superUser: 'admin',
errorObject: new Error('Unauthorized'),
roleGetter: (req) => req.myAuthenticatedUser && req.myAuthenticatedUser.role,
})
If no roleGetter is provided, will use default req.user.role If no errorObject is provided, will use the default
Error({
statusCode: 403,
message: 'Forbidden',
})
const lumberjackOrFarmerChecker = checkUserRole(['lumberjack', 'farmer'])
router.get('/enter-the-farm',
app.auth.authenticate(),
lumberjackOrFarmerChecker,
(req, res) => {
// Do whatever farmers and lumberjacks do at a farm
}
const lumberjackChecker = checkUserRole(['lumberjack'])
router.get('/chop-trees',
app.auth.authenticate(),
lumberjackChecker,
(req, res) => {
// Chop some trees
}
const farmerChecker = checkUserRole(['farmer'])
router.get('/farm',
app.auth.authenticate(),
lumberjackChecker,
(req, res) => {
// Farms
}
npm test