@kilpi/core

🐢 Kilpi — Authorization made simple

Read the docs to get started

Kilpi is the open-source TypeScript authorization library designed for developers who need flexible, powerful, and intuitive authorization.

Designed and created by Jussi Nevavuori with ❤️ in Brisbane & Helsinki

Features

• Server-first authorization
• Framework agnostic
• Auth provider agnostic
• Policies as code
• Async policies
• Supports any authorization model
• Protected queries
• Plugin API & Library
• Developer friendly API
• 100% Type-safe

Installation guides

• React server components
• Next.js
• Hono
• Express
• Koa
• Oak
• Nestjs

...or any other framework - Kilpi is easy to integrate into any TypeScript application.

Examples

Define policies declaratively

// Kilpi.ts
export const Kilpi = createKilpi({ 
  getSubject, 
  policies: {
    documents: {
      update(user, doc: Document) {
        if (!user) return deny("Unauthenticated");
        return user.id === doc.ownerId ? grant(user) : deny();
      }
    }
  }
})

Authorize actions with one line

const user = await Kilpi.authorize("documents:update", document);

Protect your data right at the source

const getDocument = Kilpi.query(
  async (id: string) => await db.documents.get(id),
  {
    async protector({ output: doc }) {
      if (doc) await Kilpi.authorize("documents:read", doc);
      return doc;
    }
  }
);

await getDocument.protect("1");

And much more.

Read the docs to get started