fastify-casbin
Advanced tools
A plugin for Fastify that adds support for Casbin.
It provides an unopinionated approach to use Casbin's Node.js APIs within a Fastify application.
npm i casbin fastify-casbin
casbinis a peer dependency and must be installed explicitly
Once registered, the plugin will decorate the Fastify instance with a casbin namespace which will be an instance of the Enforcer type.
It will expose the full Casbin API, primarily the enforce method, to check if a rule is satistifed.
Using basic model and policy files.
const fastify = require('fastify')()
fastify.register(require('fastify-casbin'), {
model: 'basic_model.conf', // the model configuration
adapter: 'basic_policy.csv' // the adapter
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
Using casbin-pg-adapter and casbin-pg-watcher
const fastify = require('fastify')()
const { newAdapter } = require('casbin-pg-adapter').default
const { newWatcher } = require('casbin-pg-watcher')
const pgOptions = {
connectionString: 'postgres://localhost'
migrate: true
}
fastify.register(require('fastify-casbin'), {
model: 'basic_model.conf', // the model configuration
adapter: await newAdapter(pgOptions), // the adapter
watcher: await newWatcher(pgOptions) // the watcher
})
// add some policies at application startup
fastify.addHook('onReady', async function () {
await fastify.casbin.addPolicy('alice', 'data1', 'read')
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
import fastify from 'fastify'
import { join } from 'path'
import { Model, FileAdapter } from 'casbin'
const modelPath = join(__dirname, 'auth', 'basic_model.conf')
const policyPath = join(__dirname, 'auth', 'basic_policy.csv')
const app = fastify()
const preloadedModel = new Model()
preloadedModel.loadModel(modelPath)
const preloadedAdapter = new FileAdapter(policyPath)
fastify.register(plugin, {
model: preloadedModel,
adapter: preloadedAdapter
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
Licensed under MIT License
FAQs
Plugin for fastify to add generic support for Casbin
The npm package fastify-casbin receives a total of 88 weekly downloads. As such, fastify-casbin popularity was classified as not popular.
We found that fastify-casbin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.