npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

role-based-route-authentication

v1.0.1

Published

role-based-route-authentication provides route authentication on role based for nodejs.

Downloads

6

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

parteekparteek

Keywords

authenticationnoderolerest-apirestauthrouteauthorization

Readme

role-based-route-authentication

role-based-route-authentication provides route authentication on role based for nodejs.

By using role-based-route-authentication we can authenticate route on based of roles easily.

Installation

role-based-route-authentication may be installed via npm with:

npm install role-based-route-authentication

Usage

The sample below and others are included in the example directory.

To use role-based-route-authentication we need to define two things.

First we need a role based permission JSON as below format:
roleBasedPermissionJSON = {
'role': ['METHOD_routeUrl']
}

According to above format key of JSON will be role. ANd value of key will be an array.

The values of array will be combination of http method and api route url.

For E.g

roleBasedPermissionJSON = {
'ADMIN': ['GET_users'],
}
/* ADMIN is the role, and GET is the http method join with route
 * by using underscore '_'.
 * if you want to authenticate deep routing for e.g api route
 * is'/users/details' of GET.
 * Then permission will be 'GET_users_details' as below:
 */
roleBasedPermissionJSON = {
'ADMIN': ['GET_users_details'],
}
Second thing we need is the key by using which we can get role from node request object.

For E.g

const { setPermissionsWithRole } = require('role-based-route-authentication');

const  permissionJSON = {
'SUPER_ADMIN': 'all',
'ADMIN': ['GET_users'],
'CLIENT': ['GET_list'],
};
/* To allowed permission fro all routes just simply set the value
 * of role is 'all'.
 */
const  roleKey = "users";
/* As e.g roleKey is "users". So we get the role always from
 * request.users.role.
 */
const roleBasedAuthenticator = setPermissionsWithRole(permissionJSON, roleKey);

/* Now to use role based authentication we just need to place 
 * above variable "roleBasedAuthenticator" as middleware in api
 * route as below:
 */

route.get('/users', roleBasedAuthenticator, function(request, response){
	//This code will be execute if route is authenticated. 
})

To use authentication only for baseUrl of route

To use role based route authentication only for base url, we can set authentication exact after baseUrl as middleware as below: For E.g

var express = require('express');
var app = express();
const usersRoute = require('./usersRoute');
const { setPermissionsWithRole } = require('role-based-route-authentication');
const  permissionJSON = {
'ADMIN': ['GET_users'],
'CLIENT': ['GET_list'],
};
const  roleKey = "users";
const roleBasedAuthenticator = setPermissionsWithRole(permissionJSON, roleKey);

app.use('/users', roleBasedAuthenticator, usersRoute);

To use authentication for deep route

Always place authenticator as middleware till where you want to authenticate your route. For E.g

const { setPermissionsWithRole } = require('role-based-route-authentication');
const  permissionJSON = {
'ADMIN': ['GET_users'],
'CLIENT': ['GET_list'],
};
const  roleKey = "users";
const roleBasedAuthenticator = setPermissionsWithRole(permissionJSON, roleKey);

/* Now if route is "/users/details" of GET type.
 * If we want to authenticate only for baseUrl (e.g "users"), then
 * place "roleBasedAuthenticator" after baseUrl as middleware as
 * below:
 */
app.use('/users', roleBasedAuthenticator, usersRoute);

/* But if we want to authenticate for deep ruote (e.g"/users/details"), then
 * place "roleBasedAuthenticator" after api url till where we want
 * to authenticate as middleware as below:
 */
 app.use('/users', usersRoute);
 route.get('/details', roleBasedAuthenticator, function(request, response){
	//This code will be execute if route "/users/details" is authenticated.
})

Similarly use for all routes. On unauthorized route it will throw error for 404 status.

Node Support Policy

role-based-route-authentication supports all versions of node v5 and so on.

Issues

Please report any issues using the role-based-route-authentication issue tracker. When using

the issue tracker

  • Include complete details about the issue.

  • You can include a link to a gist with any stack traces/logs (and you can also attach these directly to the bug report).

  • Your bug report will be closed if you do not provide enough information abut the issue.

  • Please only open new issue and reference the original issue in your report.