@bongione/express-auth-usertype-middleware
v0.1.0
Published
Express middleware that provides authorization middleware in front of routes for normal, admin and sysadmin users
Downloads
4
Readme
express-auth-usertype-middleware
Simple middleware that returns a 403 error when a user is not authenticated to the required level of security.
The library offers three levels of check: authenticated users, admin users and sysadmin users.
Usage
function isReqAuthenticated(req) { ... }
function isReqAdminAuthenticated(req) { ... }
function isReqSysAdminAuthenticated(req) { ... }
let { onlyAuthenticatedUsers, onlyAdminUsers, onlySysAdminUsers } =
require('@bongione/express-auth-usertype-middleware')({
isAuthenticatedUser : isReqAuthenticated,
isAdminUser : isReqAdminAuthenticated,
isSysAdminUser : isReqSysAdminAuthenticated
})
app.use('/my_protected_routes', onlyAuthenticatedUsers, protected_routes_router)
app.use('/my_admin_routes', onlyAdminUsers, admin_routes_router)
app.use('/my_sysadmin_routes', onlySysAdminUsers, sysadmin_routes_router)
The default implementation of isAuthenticatedUser uses the passport req.isAuthenticated function.
The default implementations of isAdminUser and isSysAdminUser instead are specific to Mindiply and ought to be customized.
License
Apache 2.0