@byu-oit/windrunner-authorization-apm

Authorize requests by checking if the caller has the appropriate permission

Note To use this package you will need to install and register the @byu-oit/fastify-jwt plugin

Usage

import Fastify from 'fastify'
import { ByuLogger } from '@byu-oit/logger'
import ByuJwtProvider from '@byu-oit/fastify-jwt'
import { AppPermissionAuthorizationProvider } from '@byu-oit/windrunner-authorization-apm'

/** Define options */
const prefix = '/example/v1'
const permission = 'example'

/** Server setup */
const fastify = Fastify({ logger: ByuLogger() })

await fastify.register(ByuJwtProvider, {prefix, issuer: process.env.BYU_OIT_ISSUER, development: process.env.NODE_ENV !== 'production' })

/**
 * By default, the AppPermissionAuthorizationProvider will pull the 
 * - Application Permission Base URL from APP_PERMISSION_BASE_URL env variable
 * - Application Permission API Key from APP_PERMISSION_API_KEY env variable
 */
await fastify.register(AppPermissionAuthorizationProvider, { prefix, permission })

fastify.get(prefix, async (request, reply) => {
  reply.code(200).send('I find your lack of faith disturbing')
})

await fastify.listen({ port: 3000 }).catch(err => {
  console.error(err)
  process.exit(1)
})