trollbridge
v0.1.3
Published
A lightweight permissions library for express & Node
Downloads
79
Maintainers
Readme
node-trollbridge
A permissions system for Node and Express
How to use
include the troll library and setup any of the strategies you want to include.
You can make your own strategy functions or use some of the premade ones
var trollbridge = require('trollbridge');
trollbridge.addStrategies([
trollbridge.PREMADESTRATEGIES.PASSPORT,
require('./myownstrategy')
]);
When creating routes, add a middleware for each route you want to secure
app.get('/user/edit', trollbridge.shallNotPass('edit_user'), userEditFunct));
You can also include a locals variable for templating languages
app.use(function(req, res, next) {
res.locals.has_permission = trollbridge.layoutHasPermission(req);
next();
})
and then in your template
{% if has_permission('edit_user') %}
<a href="/user/edit">Edit User</a>
{% endif %}
Creating Strategies
Strategies will throw an error if they are unable to be authenticated.
//sample strategy
module.exports = function(req, permission) {
if (!req.isAuthenticated()) {
throw "User is not authenticated";
}
if (typeof req.user === 'undefined' || req.user == null) {
throw "Should not be able to login";
}
}