npm
Sign UpSign In

restify-basic-acl

1.0.0 • Public • Published

restify-basic-acl

Version Downloads

Enable basic role-based ACL on an HTTP-method basis. Great for small applications that manage one or two resources, such as micro-services.

Installation & Usage

After installing restify-basic-acl with npm i --save restify-basic-acl, add it as a Restify plugin:

let restify = require('restify');
let basicAcl = require('restify-basic-acl');
 
let roles = {
    user: [
        'get',
    ],
    admin: [
        'get',
        'post',
        'put',
        'delete',
    ],
};
 
let server = restify.createServer();
 
server
    .use(basicAcl.basicAclPlugin({
        // the header that the authenticated user's info is passed (JSON is auto-decoded)
        // it is then stored in req.user in any future middleware
        userHeader: 'X-User',
        // the header that the authenticated user's roles are passed (comma-separated)
        // they are then stored in req.roles in any future middleware
        rolesHeader: 'X-User-Roles',
        // pass in your permission data here, that one of the user's roles should match
        roles: roles,
        // optionally specify exact routes that should bypass ACL entirely
        unprotectedRoutes: [
            '/health',
        ],
    }, restify))
    .listen(3000);

Readme

Keywords

Package Sidebar

Install

npm i restify-basic-acl

Repository

github.com/paulleduc/restify-basic-acl

Homepage

github.com/paulleduc/restify-basic-acl#readme

Weekly Downloads

0

Version

1.0.0

License

MIT

Last publish

Collaborators

  • mike.moore
  • egorvorozhtsov
  • emmpa
  • ingvar
  • doubleyou
  • paulleduc
Try on RunKit
Report malware