@macfja/sveltekit-cas
Advanced tools
A set of functions to ease usage of a CAS/SSO in SvelteKit
npm install --save @macfja/sveltekit-cas
Protect all pages that start with /profile/ and only allow user to go on his own page (/profile/my-cool-username)
// src/hooks.server.ts
import { sessionHook } from "@macfja/sveltekit-session"
import { casHandler } from "@macfja/sveltekit-cas"
import type { Handle } from "@sveltejs/kit"
import { sequence } from "@sveltejs/kit/hooks"
export const handle: Handle = sequence(
sessionHook(),
casHandler(
"http://0.0.0.0:8080",
2,
(event) => event.url.pathname.startsWith("/profile/"),
(event, user) => {
const regexp = event.url.pathname.match(/\/profile\/(\w+)/)
return user !== regexp[1]
}
)
)
Protect endpoint, so only connected user can access it
// src/routes/api/user/server.ts
import { error } from "@sveltejs/kit"
import { getUsername } from "@macfja/sveltekit-cas"
import type { RequestHandler } from "./$types"
export const POST: RequestHandler = async (event) => {
if (getUsername(event) !== "admin") {
throw error(403)
}
// ... Do operation that only the user `admin` can do
}
export const GET: RequestHandler = async (event) => {
if (getUsername(event) === undefined) {
throw error(401)
}
// ... Do operation that only connected user can do
}
The casHandler function take 4 parameters to change its behavior:
casRoot: The root URL to the CAS servercasVersion: The version of the CAS server (supported version: 1, 2, 3)authRequired (optional): A function to indicate if a request should have an authenticated userrejectAccess (optional): A function to indicate if a particular authenticated user if allowed to do a requestContributions are welcome. Please open up an issue or create PR if you would like to help out.
Read more in the Contributing file
The MIT License (MIT). Please see License File for more information.
[2.0.0]
1.0.0-next.492 and laterFAQs
CAS/SSO integration in SvelteKit
The npm package @macfja/sveltekit-cas receives a total of 2 weekly downloads. As such, @macfja/sveltekit-cas popularity was classified as not popular.
We found that @macfja/sveltekit-cas demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.