fastify-casbin
Advanced tools
A plugin for Fastify that adds support for Casbin.
It provides an unopinionated approach to use Casbin's Node.js APIs within a Fastify application.
npm i casbin fastify-casbin
casbinis a peer dependency and must be installed explicitly
Once registered, the plugin will decorate the Fastify instance with a casbin namespace which will be an instance of the Enforcer type.
It will expose the full Casbin API, primarily the enforce method, to check if a rule is satistifed.
Using basic model and policy files.
const fastify = require('fastify')()
fastify.register(require('fastify-casbin'), {
model: 'basic_model.conf', // the model configuration
adapter: 'basic_policy.csv' // the adapter
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
Using casbin-pg-adapter and casbin-pg-watcher
const fastify = require('fastify')()
const { newAdapter } = require('casbin-pg-adapter').default
const { newWatcher } = require('casbin-pg-watcher')
const pgOptions = {
connectionString: 'postgres://localhost',
migrate: true
}
async () => {
fastify.register(require('fastify-casbin'), {
model: 'basic_model.conf', // the model configuration
adapter: await newAdapter(pgOptions), // the adapter
watcher: await newWatcher(pgOptions) // the watcher
})
// add some policies at application startup
fastify.addHook('onReady', async function () {
await fastify.casbin.addPolicy('alice', 'data1', 'read')
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
}
import fastify from 'fastify'
import { join } from 'path'
import { Model, FileAdapter } from 'casbin'
import fastifyCasbin from 'fastify-casbin'
const modelPath = join(__dirname, 'auth', 'basic_model.conf')
const policyPath = join(__dirname, 'auth', 'basic_policy.csv')
const app = fastify()
const preloadedModel = new Model()
preloadedModel.loadModel(modelPath)
const preloadedAdapter = new FileAdapter(policyPath)
app.register(fastifyCasbin, {
model: preloadedModel,
adapter: preloadedAdapter
})
app.get('/protected', async () => {
if (!(await app.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
Licensed under MIT License
FAQs
Plugin for fastify to add generic support for Casbin
The npm package fastify-casbin receives a total of 634 weekly downloads. As such, fastify-casbin popularity was classified as not popular.
We found that fastify-casbin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Malicious Namastex.ai npm packages appear to replicate TeamPCP-style Canister Worm tradecraft, including exfiltration and self-propagation.
Product
Explore exportable charts for vulnerabilities, dependencies, and usage with Reports, Socket’s new extensible reporting framework.
Product
Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.