@fire-shield/express
v2.1.1
Fire Shield Express.js adapter - Lightning-fast RBAC middleware for Express
🛡️ Fire Shield - Express Adapter
Express.js middleware for Fire Shield RBAC authorization.
Installation
npm install @fire-shield/express @fire-shield/core
Quick Start
import express from 'express';
import { RBAC } from '@fire-shield/core';
import { ExpressRBACAdapter } from '@fire-shield/express';

const app = express();
const rbac = new RBAC();

// Setup roles
rbac.createRole('admin', ['user:*', 'post:*']);
rbac.createRole('editor', ['post:read', 'post:write']);

// Create adapter
const rbacMiddleware = new ExpressRBACAdapter(rbac);

// Add user to request (hard-coded for this example; in a real app,
// populate req.user from your authentication layer)
app.use((req, res, next) => {
  req.user = { id: 'user-1', roles: ['editor'] };
  next();
});

// Protect routes with permission check
app.get('/admin/users',
  rbacMiddleware.permission('user:read'),
  (req, res) => {
    res.json({ users: [] });
  }
);

// Protect with role check
app.post('/posts',
  rbacMiddleware.role('editor'),
  (req, res) => {
    res.json({ success: true });
  }
);

app.listen(3000);
API
new ExpressRBACAdapter(rbac, options?)
Creates a new Express adapter instance.
Options:
getUser?: (req) => RBACUser - Extract user from request
onUnauthorized?: (result, req, res, next) => void - Custom unauthorized handler
onError?: (error, req, res, next) => void - Custom error handler
Methods
permission(permission: string)
Middleware to check if user has specific permission.
app.get('/admin', rbacMiddleware.permission('admin:access'), handler);
role(role: string)
Middleware to check if user has specific role.
app.get('/admin', rbacMiddleware.role('admin'), handler);
resourceAction(resource: string, action: string)
Middleware to check resource:action permission.
app.delete('/users/:id', rbacMiddleware.resourceAction('user', 'delete'), handler);
Examples
Custom User Extraction
const rbacMiddleware = new ExpressRBACAdapter(rbac, {
  getUser: (req) => req.session?.user || req.user
});
Custom Unauthorized Handler
const rbacMiddleware = new ExpressRBACAdapter(rbac, {
  onUnauthorized: (result, req, res, next) => {
    res.status(403).json({
      error: 'Access Denied',
      required: result.reason,
      user: result.user?.id
    });
  }
});
Wildcard Permissions
rbac.createRole('admin', ['*']); // All permissions

app.use('/admin/*',
  rbacMiddleware.role('admin'),
  adminRouter
);
License
DIB © Fire Shield Team
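
Added example, not part of the Fire Shield README or its code: a self-contained sketch of the kind of check the Quick Start and Wildcard Permissions sections rely on, with colon-delimited permissions, `*` wildcards and a middleware that denies by default. The role table copies this page's roles; `matches`, `hasPermission`, `requirePermission` and `check` are hypothetical names, and the matching rule is an assumption, not Fire Shield's documented algorithm.

```javascript
// Constructed role table mirroring the roles defined on this page.
const ROLES = new Map([
  ['admin', ['user:*', 'post:*']],
  ['editor', ['post:read', 'post:write']],
]);

// True when a granted pattern covers the required permission (assumed rule).
// '*' covers everything; 'post:*' covers any action on 'post'.
function matches(granted, required) {
  if (granted === '*') return true;
  const g = granted.split(':');
  const r = required.split(':');
  if (g.length !== r.length) return false;
  return g.every((part, i) => part === '*' || part === r[i]);
}

// Deny by default: unknown roles and malformed user objects grant nothing.
function hasPermission(user, required) {
  if (!user || !Array.isArray(user.roles)) return false;
  return user.roles.some((role) =>
    (ROLES.get(role) || []).some((p) => matches(p, required)));
}

// Express-style middleware: 401 when no user is attached, 403 when the
// user lacks the permission, next() only on an explicit match.
function requirePermission(required) {
  return (req, res, next) => {
    if (!req.user) return res.status(401).json({ error: 'Unauthenticated' });
    if (!hasPermission(req.user, required)) {
      return res.status(403).json({ error: 'Access Denied' });
    }
    next();
  };
}

// Drives the middleware with a mock response object; returns the status
// code that was set, or 200 when next() was reached.
function check(user, required) {
  let status = 200;
  const res = { status(c) { status = c; return this; }, json() { return this; } };
  requirePermission(required)({ user }, res, () => {});
  return status;
}

// The Quick Start user (editor) asking for 'user:read' is rejected.
console.log(check({ id: 'user-1', roles: ['editor'] }, 'user:read')); // 403
```

Using a `Map` for the role table keeps a role name such as `constructor` from resolving to an inherited object property.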
