koa-accesscontrol
This is koa middleware for accesscontrol
Middleware filters request body and also response body.
Installation
npm i koa-accesscontrol
Grants
Grants can be loaded from the database or file.
admin: users: 'create:any': '*' 'read:any': '*' 'update:any': '*' 'delete:any': '*' user: users: 'create:any': 'uuid' 'read:own': 'uuid' 'firstname' 'lastname' 'update:own': 'firstname' 'lastname' 'email' 'phone' 'delete:own': 'uuid' ;
Usage Example
Use grants object when initializing the Middleware. Also specify the location of user role. If no operands are specified when using the middleware, checking the ownership of the resource will be skipped.
TypeScript
;;; ; ;;; router.get'/users', auth,; router.get'/users/:uuid', auth,; app .userouter.routes .userouter.allowedMethods; app.listen8080;
JavaScript
const Koa = ;const Router = ;const Authorization = ; const grants = user: users: 'create:any': 'uuid' 'read:own': 'uuid' 'firstname' 'lastname' 'update:own': 'firstname' 'lastname' 'email' 'phone' 'delete:own': 'uuid' ; const app = ;const router = ;const auth = ; router; router; app ; app;
Todo
- Enable option to overwrite actions used for methods