A plugin for Fastify that adds support for Casbin.
It provides an unopinionated approach to use Casbin's Node.js APIs within a Fastify application.
npm i casbin fastify-casbin
casbin
is a peer dependency and must be installed explicitly
Once registered, the plugin will decorate the Fastify instance with a casbin
namespace which will be an instance of the Enforcer
type.
It will expose the full Casbin API, primarily the enforce
method, to check if a rule is satistifed.
Using basic model and policy files.
const fastify = require('fastify')()
fastify.register(require('fastify-casbin'), {
model: 'basic_model.conf', // the model configuration
adapter: 'basic_policy.csv' // the adapter
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
Using casbin-pg-adapter and casbin-pg-watcher
const fastify = require('fastify')()
const { newAdapter } = require('casbin-pg-adapter').default
const { newWatcher } = require('casbin-pg-watcher')
const pgOptions = {
connectionString: 'postgres://localhost',
migrate: true
}
async () => {
fastify.register(require('fastify-casbin'), {
model: 'basic_model.conf', // the model configuration
adapter: await newAdapter(pgOptions), // the adapter
watcher: await newWatcher(pgOptions) // the watcher
})
// add some policies at application startup
fastify.addHook('onReady', async function () {
await fastify.casbin.addPolicy('alice', 'data1', 'read')
})
fastify.get('/protected', async () => {
if (!(await fastify.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
}
import fastify from 'fastify'
import { join } from 'path'
import { Model, FileAdapter } from 'casbin'
import fastifyCasbin from 'fastify-casbin'
const modelPath = join(__dirname, 'auth', 'basic_model.conf')
const policyPath = join(__dirname, 'auth', 'basic_policy.csv')
const app = fastify()
const preloadedModel = new Model()
preloadedModel.loadModel(modelPath)
const preloadedAdapter = new FileAdapter(policyPath)
app.register(fastifyCasbin, {
model: preloadedModel,
adapter: preloadedAdapter
})
app.get('/protected', async () => {
if (!(await app.casbin.enforce('alice', 'data1', 'read'))) {
throw new Error('Forbidden')
}
return `You're in!`
})
Licensed under MIT License