Nutella Peanut-Butter Marshmallow

npm

Need private packages and team management tools?Check out npm Orgs. »

weak-rbac

0.0.3 • Public • Published

weak-rbac

This is the simplest RBAC for express router. You may use it to regulate session and access based on route and user role.

Example

app.get(
    '/hidden-resource',
    allow(['admin'], true), // Here we checking the access, it will be follow down if user role is not 'admin'
    (req, res, next) => {
        // res.send() the resource
        // next(error) if something wrong
    },
);

full example available on example.js file

Quick configuration of RBAC available

app.use(initRBAC({
    tokenHeaderName: 'X-My-Token',
    errorAllowedCallback: () => new HttpError(403, 'Permission denied'),
    errorSessionCallback: () => new HttpError(403, 'User Banned'),
    errorNoneRoleCallback: () => new HttpError(418, 'This Role not available in system'),
    roles: ['admin', 'user', 'john'],
}));

To Do

  • Tests (mocha.js)

install

npm i weak-rbac

Downloadsweekly downloads

3

version

0.0.3

license

MIT

homepage

github.com

repository

Gitgithub

last publish

collaborators

  • avatar
Report a vulnerability