Skip to content

A plugin for Fastify that adds support for Casbin

License

Notifications You must be signed in to change notification settings

nearform/fastify-casbin

Repository files navigation

fastify-casbin

Continuous Integration codecov npm version

A plugin for Fastify that adds support for Casbin.

It provides an unopinionated approach to use Casbin's Node.js APIs within a Fastify application.

Install

npm i casbin fastify-casbin

casbin is a peer dependency and must be installed explicitly

API

Once registered, the plugin will decorate the Fastify instance with a casbin namespace which will be an instance of the Enforcer type.

It will expose the full Casbin API, primarily the enforce method, to check if a rule is satistifed.

Examples

Basic

Using basic model and policy files.

const fastify = require('fastify')()

fastify.register(require('fastify-casbin'), {
  model: 'basic_model.conf', // the model configuration
  adapter: 'basic_policy.csv' // the adapter
})

fastify.get('/protected', async () => {
  if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
    throw new Error('Forbidden')
  }

  return `You're in!`
})

Postgres adapter and watcher

Using casbin-pg-adapter and casbin-pg-watcher

const fastify = require('fastify')()
const { newAdapter } = require('casbin-pg-adapter').default
const { newWatcher } = require('casbin-pg-watcher')

const pgOptions = {
  connectionString: 'postgres://localhost',
  migrate: true
}

async () => {
  fastify.register(require('fastify-casbin'), {
    model: 'basic_model.conf', // the model configuration
    adapter: await newAdapter(pgOptions), // the adapter
    watcher: await newWatcher(pgOptions) // the watcher
  })

  // add some policies at application startup
  fastify.addHook('onReady', async function () {
    await fastify.casbin.addPolicy('alice', 'data1', 'read')
  })

  fastify.get('/protected', async () => {
    if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
      throw new Error('Forbidden')
    }

    return `You're in!`
  })
}

Using programmatically assembled model

import fastify from 'fastify'
import { join } from 'path'
import { Model, FileAdapter } from 'casbin'
import fastifyCasbin from 'fastify-casbin'

const modelPath = join(__dirname, 'auth', 'basic_model.conf')
const policyPath = join(__dirname, 'auth', 'basic_policy.csv')

const app = fastify()

const preloadedModel = new Model()
preloadedModel.loadModel(modelPath)
const preloadedAdapter = new FileAdapter(policyPath)

app.register(fastifyCasbin, {
  model: preloadedModel,
  adapter: preloadedAdapter
})

app.get('/protected', async () => {
  if (!(await app.casbin.enforce('alice', 'data1', 'read'))) {
    throw new Error('Forbidden')
  }

  return `You're in!`
})

License

Licensed under MIT License