Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork227
An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js and Browser
License
casbin/node-casbin
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
News: still worry about how to write the correctnode-casbin policy?Casbin online editor is coming to help!
node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on variousaccess control models.
 |  |  |  |
|---|---|---|---|
| Casbin | jCasbin | node-Casbin | PHP-Casbin |
| production-ready | production-ready | production-ready | production-ready |
 |  |  |  |
|---|---|---|---|
| PyCasbin | Casbin.NET | Casbin-CPP | Casbin-RS |
| production-ready | production-ready | beta-test | production-ready |
https://casbin.org/docs/overview
# NPMnpm install casbin --save# Yarnyarn add casbin
New anode-casbin enforcer with a model file and a policy file, seeModel section for details:
// For Node.js:const{ newEnforcer}=require('casbin');// For browser:// import { newEnforcer } from 'casbin';constenforcer=awaitnewEnforcer('basic_model.conf','basic_policy.csv');
Note: you can also initialize an enforcer with policy in DB instead of file, seePersistence section for details.
Add an enforcement hook into your code right before the access happens:
constsub='alice';// the user that wants to access a resource.constobj='data1';// the resource that is going to be accessed.constact='read';// the operation that the user performs on the resource.// Async:constres=awaitenforcer.enforce(sub,obj,act);// Sync:// const res = enforcer.enforceSync(sub, obj, act);if(res){// permit alice to read data1}else{// deny the request, show an error}
Besides the static policy file,node-casbin also provides API for permission management at run-time.For example, You can get all the roles assigned to a user as below:
constroles=awaitenforcer.getRolesForUser('alice');
SeePolicy management APIs for more usage.
Casbin provides two sets of APIs to manage permissions:
- Management API: the primitive API that provides full support for Casbin policy management.
- RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.
https://casbin.org/docs/supported-models
https://casbin.org/docs/adapters
https://casbin.org/docs/watchers
https://casbin.org/docs/role-managers
This project exists thanks to all the people who contribute.
This project is licensed under theApache 2.0 license.
If you have any issues or feature requests, please contact us. PR is welcomed.
About
An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js and Browser
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Sponsor this project
Uh oh!
There was an error while loading.Please reload this page.
Packages0
Uh oh!
There was an error while loading.Please reload this page.