Skip to content
Go to file
Cannot retrieve contributors at this time
79 lines (62 sloc) 2.21 KB

+++ title = "Casbin Auth Middleware" description = "Casbin Auth middleware for Echo. It supports access control models like ACL, RBAC, ABAC." [menu.main] name = "Casbin Auth" parent = "middleware" +++

Casbin is a powerful and efficient open-source access control library for Go. It provides support for enforcing authorization based on various models. So far, the access control models supported by Casbin are:

  • ACL (Access Control List)
  • ACL with superuser
  • ACL without users: especially useful for systems that don't have authentication or user log-ins.
  • ACL without resources: some scenarios may target for a type of resources instead of an individual resource by using permissions like write-article, read-log. It doesn't control the access to a specific article or log.
  • RBAC (Role-Based Access Control)
  • RBAC with resource roles: both users and resources can have roles (or groups) at the same time.
  • RBAC with domains/tenants: users can have different role sets for different domains/tenants.
  • ABAC (Attribute-Based Access Control)
  • RESTful
  • Deny-override: both allow and deny authorizations are supported, deny overrides the allow.

Echo community contribution


import (
  casbin_mw ""


e := echo.New()
enforcer, err := casbin.NewEnforcer("casbin_auth_model.conf", "casbin_auth_policy.csv")

For syntax, see: Syntax for Models.

Custom Configuration


e := echo.New()
ce := casbin.NewEnforcer("casbin_auth_model.conf", "")
ce.AddRoleForUser("alice", "admin")
  Enforcer: ce,


// Config defines the config for CasbinAuth middleware.
Config struct {
  // Skipper defines a function to skip middleware.
  Skipper middleware.Skipper

  // Enforcer CasbinAuth main rule.
  // Required.
  Enforcer *casbin.Enforcer

Default Configuration

// DefaultConfig is the default CasbinAuth middleware config.
DefaultConfig = Config{
  Skipper: middleware.DefaultSkipper,
You can’t perform that action at this time.