New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →

Book a Demo Sign in

express-access

Package Overview

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

express-access

A lightweight access control middleware for Express.js

latest

Source

npm

Version: 1.4.1

Version published: 10 months ago

Maintainers: 1

Created: 10 months ago

Source

express-access

Express Access

A role-based access control middleware for Express.js applications.

Installation

npm install express-access

Features

Simple role-based access control
TypeScript support
Custom authentication middleware integration
Flexible permission checking
Supports all HTTP methods

Usage

const express = require('express');
const expressAccess = require('express-access');

const app = express();
expressAccess(app);

// Configure access control
app.access.config({
  authMiddleware: (req, res, next) => {
    // Your authentication logic
    req.user = { id: 1, permissions: ['user:list', 'user:create'] };
    next();
  },
  checkPermission: async (user, permission) => {
    // Your permission checking logic
    return user.permissions.includes(permission);
  }
});

// Public route - no authentication required
app.get('/', (req, res) => {
  res.json({ message: 'Welcome to the API' });
});

// Protected route - requires 'user:list' permission
app.access.get('/users', 'user:list', (req, res) => {
  res.json({ message: 'User list fetched successfully.' });
});

app.listen(3000);

API

expressAccess(app)

Patches the Express application with access control methods.

app.access.config(options)

Configure the access control middleware.

options.authMiddleware: Authentication middleware function
options.checkPermission: Permission checking function

Protected Routes

app.access.get(path, permission, handlers)
app.access.post(path, permission, handlers)
app.access.put(path, permission, handlers)
app.access.delete(path, permission, handlers)
app.access.patch(path, permission, handlers)
app.access.options(path, permission, handlers)
app.access.head(path, permission, handlers)
app.access.all(path, permission, handlers)
app.access.use(path, permission, handlers)

TypeScript Support

import expressAccess from 'express-access';

interface User {
  id: number;
  permissions: string[];
}

app.access.config<User>({
  authMiddleware: (req, res, next) => {
    req.user = { id: 1, permissions: ['user:list', 'user:create'] };
    next();
  },
  checkPermission: async (user, permission) => {
    return user.permissions.includes(permission);
  }
});

License

MIT

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Keywords

FAQs

What is express-access?

Is express-access well maintained?

Package last updated on 30 May 2025

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

express-access

express-access

Express Access

Installation

Features

Usage

API

expressAccess(app)

app.access.config(options)

Protected Routes

TypeScript Support

License

Contributing

Keywords

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Node.js Drops Bug Bounty Rewards After Funding Dries Up