HAS BEEN MOVED TO https://github.com/gofiber/contrib/tree/main/casbin
Casbin
Casbin middleware for Fiber
Install
go get -u github.com/gofiber/fiber/v2
go get -u github.com/arsmn/fiber-casbin/v2
choose an adapter from here
go get -u github.com/casbin/xorm-adapter
Signature
fibercasbin.New(config ...fibercasbin.Config) *fibercasbin.CasbinMiddlewareConfig
| Property | Type | Description | Default |
|---|---|---|---|
| ModelFilePath | string |
Model file path | "./model.conf" |
| PolicyAdapter | persist.Adapter |
Database adapter for policies | ./policy.csv |
| Enforcer | *casbin.Enforcer |
Custom casbin enforcer | Middleware generated enforcer using ModelFilePath & PolicyAdapter |
| Lookup | func(*fiber.Ctx) string |
Look up for current subject | "" |
| Unauthorized | func(*fiber.Ctx) error |
Response body for unauthorized responses | Unauthorized |
| Forbidden | func(*fiber.Ctx) error |
Response body for forbidden responses | Forbidden |
Examples
CustomPermission
package main
import (
"github.com/gofiber/fiber/v2"
"github.com/arsmn/fiber-casbin/v2"
_ "github.com/go-sql-driver/mysql"
"github.com/casbin/xorm-adapter/v2"
)
func main() {
app := fiber.New()
authz := fibercasbin.New(fibercasbin.Config{
ModelFilePath: "path/to/rbac_model.conf",
PolicyAdapter: xormadapter.NewAdapter("mysql", "root:@tcp(127.0.0.1:3306)/"),
Lookup: func(c *fiber.Ctx) string {
// fetch authenticated user subject
},
})
app.Post("/blog",
authz.RequiresPermissions([]string{"blog:create"}, fibercasbin.WithValidationRule(fibercasbin.MatchAllRule)),
func(c *fiber.Ctx) error {
// your handler
},
)
app.Delete("/blog/:id",
authz.RequiresPermissions([]string{"blog:create", "blog:delete"}, fibercasbin.WithValidationRule(fibercasbin.AtLeastOneRule)),
func(c *fiber.Ctx) error {
// your handler
},
)
app.Listen(":8080")
}RoutePermission
package main
import (
"github.com/gofiber/fiber/v2"
"github.com/arsmn/fiber-casbin/v2"
_ "github.com/go-sql-driver/mysql"
"github.com/casbin/xorm-adapter/v2"
)
func main() {
app := fiber.New()
authz := fibercasbin.New(fibercasbin.Config{
ModelFilePath: "path/to/rbac_model.conf",
PolicyAdapter: xormadapter.NewAdapter("mysql", "root:@tcp(127.0.0.1:3306)/"),
Lookup: func(c *fiber.Ctx) string {
// fetch authenticated user subject
},
})
// check permission with Method and Path
app.Post("/blog",
authz.RoutePermission(),
func(c *fiber.Ctx) error {
// your handler
},
)
app.Listen(":8080")
}RoleAuthorization
package main
import (
"github.com/gofiber/fiber/v2"
"github.com/arsmn/fiber-casbin/v2"
_ "github.com/go-sql-driver/mysql"
"github.com/casbin/xorm-adapter/v2"
)
func main() {
app := fiber.New()
authz := fibercasbin.New(fibercasbin.Config{
ModelFilePath: "path/to/rbac_model.conf",
PolicyAdapter: xormadapter.NewAdapter("mysql", "root:@tcp(127.0.0.1:3306)/"),
Lookup: func(c *fiber.Ctx) string {
// fetch authenticated user subject
},
})
app.Put("/blog/:id",
authz.RequiresRoles([]string{"admin"}),
func(c *fiber.Ctx) error {
// your handler
},
)
app.Listen(":8080")
}