https://github.com/node-casbin/egg-authz

egg-authz is an authorization middleware for Egg.js based on Casbin
https://github.com/node-casbin/egg-authz

authorization casbin egg egg-plugin eggjs koa2 middleware

Last synced: 8 months ago
JSON representation

egg-authz is an authorization middleware for Egg.js based on Casbin

• Host: GitHub
• URL: https://github.com/node-casbin/egg-authz
• Owner: node-casbin
• License: apache-2.0
• Created: 2018-08-11T12:18:20.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2023-08-06T14:06:12.000Z (over 2 years ago)
• Last Synced: 2024-11-15T23:29:57.736Z (over 1 year ago)
• Topics: authorization, casbin, egg, egg-plugin, eggjs, koa2, middleware
• Language: JavaScript
• Homepage: https://github.com/casbin/node-casbin
• Size: 136 KB
• Stars: 51
• Watchers: 4
• Forks: 4
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
Egg-Authz 

====

[![NPM version][npm-image]][npm-url]

[![NPM download][download-image]][download-url]

[![codebeat badge](https://codebeat.co/badges/9defa882-898c-4dcb-91a6-7e8f061ccaac)](https://codebeat.co/projects/github-com-node-casbin-egg-authz-master)

[![Build Status](https://travis-ci.org/node-casbin/egg-authz.svg?branch=master)](https://travis-ci.org/node-casbin/egg-authz)

[![Coverage Status](https://coveralls.io/repos/github/node-casbin/egg-authz/badge.svg?branch=master)](https://coveralls.io/github/node-casbin/egg-authz?branch=master)

[![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord&label=discord&color=5865F2)](https://discord.gg/S5UjpzGZjN)

[npm-image]: https://img.shields.io/npm/v/egg-authz.svg?style=flat-square

[npm-url]: https://npmjs.org/package/egg-authz

[download-image]: https://img.shields.io/npm/dm/egg-authz.svg?style=flat-square

[download-url]: https://npmjs.org/package/egg-authz

Egg-Authz is an authorization middleware for [Egg](https://eggjs.org/), it's based on ``Node-Casbin``: [https://github.com/casbin/node-casbin](https://github.com/casbin/node-casbin).

## 1. Installation

### use casbin v2.x

```shell

npm install casbin@2 egg-authz@2 --save

```

### use casbin v3.x

```shell

npm install casbin@3 egg-authz@3 --save

```

## 2. Create a file in middleware directory to import the module.

```js

// app/middleware/authz.js

module.exports = require('egg-authz')

```

```js

// config/config.default.js

const casbin = require('casbin')

module.exports = {

  middleware: [ 'authz' ],

  authz: {

    enable: true,

    newEnforcer: async() => {

      // load the casbin model and policy from files, database is also supported.

      const enforcer = await casbin.newEnforcer('authz_model.conf', 'authz_policy.csv')

      return enforcer

    }

  }

}

```

## 3. Enable the middleware in your config files.

## How to control the access

The authorization determines a request based on ``{subject, object, action}``, which means what ``subject`` can perform what ``action`` on what ``object``. In this plugin, the meanings are:

1. ``subject``: the logged-on user name

2. ``object``: the URL path for the web resource like "dataset1/item1"

3. ``action``: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like "read-file", "write-blog"

For how to write authorization policy and other details, please refer to [the Casbin's documentation](https://casbin.org).

## Getting Help

- [Node-Casbin](https://github.com/casbin/node-casbin)

## License

This project is licensed under the [Apache 2.0 license](LICENSE).