@voilab/vmol-auth

Authentication and Authorization framework for Moleculer

0.5.0
Source
npm

Version published: 2 years ago

Weekly downloads: 57; decreased by-14.93%

Maintainers: 2

Weekly downloads

Created: 4 years ago

Source

vmol-users

Components

Auhentication

Expect a JWT in ctx.meta.token. Will parse and check the JWT and then put the resulting token in ctx.locals.token. If the token is invalid, expired or malformed, a MoleculerClientError exception will be thrown. If no token is provided, no exception is thrown and ctx.locals.token is undefined.

Authorization

Expects an array role inside ctx.locals.token. Will request Casl abilites definition from the abilities service and match the requested action against the abilities. If the user doesn't have access to that action, a MoleculerClientError exception will be thrown.

Usage

To enable, add the middleware to your services.

module.exports = {
    name: 'myservice',

    /**
     * Mixins
     */
    mixins: [ AuthorizationMixin, AuthenticationMixin ],
};

When usign both AuthorizationMixin and AuthenticationMixin, authentication must be set after authorization.

Automatic ACL validation

Manual ACL validation

Keywords

FAQs

What is @voilab/vmol-auth?

Is @voilab/vmol-auth popular?

Is @voilab/vmol-auth well maintained?

Package last updated on 25 Jan 2023

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install