@opuscapita/bouncer
Advanced tools
Comparing version 1.0.38 to 1.0.39
@@ -447,3 +447,3 @@ const extend = require('extend'); | ||
req.opuscapita.getUserTenants = () => [ ]; | ||
req.opuscapita.getUserTenantsByUri = () => [ ]; | ||
req.opuscapita.getUserTenantsByUrl = () => [ ]; | ||
@@ -450,0 +450,0 @@ next(); |
{ | ||
"name": "@opuscapita/bouncer", | ||
"version": "1.0.38", | ||
"version": "1.0.39", | ||
"description": "API and express middleware for OpusCapita ACl service based access security.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
# @opuscapita/bouncer | ||
OpusCapita Bouncer is a module providing several security APIs for securing endpoints and data based on users, roles and resource identifiers. | ||
OpusCapita Bouncer is a module providing several security APIs for securing endpoints in REST services. | ||
## Using Bouncer | ||
* In order to use Bouncer in your project you can either use Bouncer directly, as express middleware or through [@opuscapita/web-init](https://github.com/OpusCapita/web-init). | ||
* In order to use Bouncer in your project, you can either use Bouncer directly as an express middleware or through [@opuscapita/web-init](https://github.com/OpusCapita/web-init). | ||
* For using Bouncer directly via API, please have a look at the API documentation [wiki](https://github.com/OpusCapita/bouncer/wiki). | ||
* To use Bouncer with express, simply use the prepared middleware. | ||
Middleware example: | ||
To use Bouncer with express, simply use the prepared middleware: | ||
```JS | ||
@@ -17,9 +14,16 @@ const Bouncer = require('@opuscapita/bouncer'); | ||
... | ||
const app = express(); | ||
app.use(bouncer.middleware()); | ||
``` | ||
**Attention**: *Bouncer requires the *opuscapita* namespace to be available inside the request object passed to the middleware by express. It ueses opuscapita.logger, opuscapita.serviceClient and opuscapita.userData().* | ||
**Attention**: *Bouncer requires the *opuscapita* namespace to be available inside the request object passed to the middleware by express. It ueses opuscapita.logger, opuscapita.serviceClient and opuscapita.userData() which, if used, also require [useridentity-middleware](https://github.com/OpusCapita/useridentity-middleware).* | ||
## req.opuscapita methods | ||
Bouncer extends the **req.opuscapita** namespace with several, request bound methods where some of which can only be used if [useridentity-middleware](https://github.com/OpusCapita/useridentity-middleware) is available. | ||
* req.opuscapita.**getUserTenants()** | ||
* *Returns an array of tenants a user has access to on the current endpoint.* | ||
* req.opuscapita.**getUserTenantsByUrl(url, serviceName = null)** | ||
* *Returns an array of tenants a user has access to on a specific endpoint.* | ||
## Defining resource groups (access groups) for Bouncer. | ||
@@ -112,4 +116,4 @@ | ||
* Redis | ||
* [User] | ||
* [RabbitMQ] | ||
* User | ||
* RabbitMQ | ||
@@ -116,0 +120,0 @@ For detailed service definitions, please have a look at the [docker-compose.yml](docker-compose.yml) file. |
29381
143