@forgeframework/authorization
v0.3.0
Published
Provides role-based (RBAC) and attribute-based (ABAC) access control for the Forge Framework.
Maintainers
Readme
@forgeframework/authorization
Provides role-based (RBAC) and attribute-based (ABAC) access control for the Forge Framework.
Part of the Forge Framework — a TypeScript framework for backend microservices and web applications.
Installation
npm install @forgeframework/authorizationUsage
import { ForgeAuthorization, requireRole, requirePermission } from '@forgeframework/authorization';
const authz = new ForgeAuthorization([
{
name: 'app-policy',
roles: [
{ role: 'admin', resources: [{ resource: 'user', actions: 'all' }, { resource: 'order', actions: 'all' }] },
{ role: 'manager', resources: [{ resource: 'order', actions: ['read', 'update'] }] },
{ role: 'viewer', resources: [{ resource: 'order', actions: ['read'] }, { resource: 'user', actions: ['read'] }] },
],
},
]);
// Check permission
const canDelete = authz.can(identity, 'delete', 'user'); // true for admin
// Middleware
server.route('DELETE', '/users/:id', requireRole('admin'), deleteUser);
// Throws ForgeForbiddenError if not allowed
authz.authorize(identity, 'delete', 'user');Documentation
Full API reference and guides: https://carbonforge.io/framework/docs/security/authorization
(Documentation site launching soon.)
License
MIT © Carbon Forge
