Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added support for custom keys #22

Merged
merged 4 commits into from
Mar 21, 2019
Merged

Conversation

deammer
Copy link
Contributor

@deammer deammer commented Mar 18, 2019

This adds support for a customKey option that can be useful when using API scopes with Auth0. For instance, it's possible that the scopes are on the user.permissions key, like so:

// This user will have access
var authorizedUser = {
  permissions: 'read:users write:users'
};

app.post('/users',
  jwt({ secret: 'shared_secret' }),
  jwtAuthz([ 'read:users', 'write:users' ], { customKey: 'permissions' }),
  function(req, res) { ... });

This fixes #2. It does not support nested keys, though, because I didn't want to introduce a dependency like lodash.set. I can add that if necessary.

README.md Outdated Show resolved Hide resolved
@luisrudge luisrudge merged commit c3f480c into auth0:master Mar 21, 2019
@luisrudge
Copy link
Contributor

released in express-jwt-authz@2.3.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

the req.user key is hardcoded
2 participants