Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/hrdtr/guantr

Flexible, type-safe JavaScript library for efficient authorization and permission checking
https://github.com/hrdtr/guantr

authorization javascript security typescript

Last synced: about 2 months ago
JSON representation

Flexible, type-safe JavaScript library for efficient authorization and permission checking

Awesome Lists containing this project

README 

          
# Guantr



[![npm version](https://img.shields.io/npm/v/guantr?color=yellow)](https://npmjs.com/package/guantr)

[![npm downloads](https://img.shields.io/npm/dm/guantr?color=yellow)](https://npm.chart.dev/guantr)



Flexible, type-safe JavaScript library for efficient authorization and permission checking. Easily manage permissions, and context-aware access control with minimal overhead and a simple API.



## Usage



Install package:



```sh

# ✨ Auto-detect

npx nypm install guantr



# npm

npm install guantr



# yarn

yarn add guantr



# pnpm

pnpm add guantr



# bun

bun install guantr



# deno

deno install npm:guantr

```



Import:



**ESM** (Node.js, Bun, Deno)



```js

import { createGuantr } from 'guantr';

```



**CommonJS** (Legacy Node.js)



```js

const { createGuantr } = require('guantr');

```



**CDN** (Deno and Browsers)



```js

import { createGuantr } from 'https://esm.sh/guantr';

```



Initialize:



```ts

const guantr = await createGuantr();



// With Typescript Meta:

type Meta = GuantrMeta<{

  post: {

    action: 'create' | 'read' | 'update' | 'delete';

    model: {

      id: number;

      title: string;

      published: boolean;

    };

  };

}>;



const guantr = await createGuantr();



// Contextual

const user = {

  id: number,

  name: 'John Doe',

  roles: ['admin'],

};

const guantrWithContext = await createGuantr({

  getContext: () => ({ user }),

});

```



Setting rules:



```js

await guantr.setRules((can, cannot) => {

  can('read', 'post');

  cannot('read', ['post', { published: ['eq', false] }]);

});

// Or

await guantr.setRules([

  {

    resource: 'post',

    action: 'read',

    condition: null,

    effect: 'allow',

  },

  {

    resource: 'post',

    action: 'read',

    condition: {

      published: ['eq', false],

    },

    effect: 'deny',

  },

]);

```



Rules also can be set on instance creation:



```ts

const guantr = await createGuantr([

  {

    resource: 'post',

    action: 'read',

    condition: {

      published: ['eq', false],

    },

    effect: 'deny',

  },

]);

```



Authorize:



```js

await guantr.can('read', 'post'); // true



const post = {

  id: 1,

  title: 'Hello World',

  published: false,

};

await guantr.can('read', ['post', post]); // false

```



## Development



local development



- Clone this repository

- Install latest LTS version of [Node.js](https://nodejs.org/en/)

- Enable [Corepack](https://github.com/nodejs/corepack) using `corepack enable`

- Install dependencies using `pnpm install`

- Run interactive tests using `pnpm dev`



## License



Published under the [MIT](https://github.com/Hrdtr/guantr/blob/main/LICENSE) license.

Made by [community](https://github.com/Hrdtr/guantr/graphs/contributors) 💛












---



_🤖 auto updated with [automd](https://automd.unjs.io)_