@aethex.os/middleware
v1.0.1
Published
AeThex Express middleware — auth guards, CORS factory, and capability-based access control
Downloads
213
Maintainers
mrpiglrReadme
@aethex.os/middleware
Express middleware for auth guards, CORS, and capability-based access control. Drop-in, fully typed.
Install
npm install @aethex.os/middlewareAuth
import { requireAuth, requireRole, optionalAuth } from '@aethex.os/middleware';
// Block unauthenticated requests
app.use('/api/profile', requireAuth());
// Block non-admins
app.use('/api/admin', requireAuth(), requireRole('admin'));
// Populate req.userId if logged in, but don't block
app.use(optionalAuth());Custom token validation
app.use(requireAuth({
validateToken: async (token) => {
const user = await db.users.findByToken(token);
return user ? { id: user.id, role: user.role } : null;
},
}));After middleware runs, req.userId and req.userRole are set.
CORS
import cors from 'cors';
import { createCorsOptions } from '@aethex.os/middleware';
app.use(cors(createCorsOptions({
origins: [
'https://yourapp.com',
'https://app.yourapp.com',
],
// localhost:3000/5000/5173 added automatically in dev
})));Capability Guard
Gate endpoints by plan/role without hardcoding checks everywhere.
import { createCapabilityGuard } from '@aethex.os/middleware';
const guard = createCapabilityGuard({
realmCapabilities: {
free: ['analytics'],
pro: ['analytics', 'exports', 'api_access'],
enterprise: ['analytics', 'exports', 'api_access', 'sso'],
},
policies: {
'/api/export': { features: ['exports'] },
'/api/sso': { features: ['sso'] },
'/api/v1': { plans: ['pro', 'enterprise'] },
},
realmHeader: 'x-user-plan', // sent by your auth layer
});
app.use(guard);Returns 403 with { error, reason, required, missing } when access is denied.
Works with @aethex.os/registry
import { createRegistry } from '@aethex.os/registry';
import { createCapabilityGuard } from '@aethex.os/middleware';
const registry = createRegistry({ plans: { free: [...], pro: [...] } });
// Use registry.config directly
const guard = createCapabilityGuard({
realmCapabilities: registry.config.plans,
policies: { '/api/export': { features: ['exports'] } },
});Part of the @aethex.os ecosystem
See @aethex.os/core for the full package list.