role-based-authorization
Middlewares
import { roleBasedAuthorization, validAuthentication, validSupportOrigin } from "role-based-authorization";
validAuthentication
1. Using json web token to basic authentication.
valid request:
headers:
{
"Authorization": {jwtToken}
}
validSupportOrigin
2. Using json web token to fitlering token support request origin.
valid token:
token payload: {
'allowed-origins': [listSupportOrigin]
}
roleBasedAuthorization
3. Using role-based access to authorization
used:
roleBasedAuthorization(allowRolesString)
valid allow roles string:
- role name with sso sever defines
- multiple role names with
","
- allow all roles with
allowRolesString = "*"