ECN>> node-casbin>> 返回
项目作者: casbin

项目描述 :
An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js
高级语言: TypeScript
项目地址: git://github.com/casbin/node-casbin.git
创建时间: 2018-07-15T03:55:31Z
项目社区:https://github.com/casbin/node-casbin
开源协议:Apache License 2.0
下载


Node-Casbin

NPM version
NPM download
install size
codebeat badge
GitHub Actions
Coverage Status
Release
Discord


Sponsored by










Build auth with fraud prevention, faster.
Try Stytch for API-first authentication, user & org management, multi-tenant SSO, MFA, device fingerprinting, and more.


💖 Looking for an open-source identity and access management solution like Okta, Auth0, Keycloak ? Learn more about: Casdoor

casdoor

News: still worry about how to write the correct node-casbin policy? Casbin online editor is coming to help!

casbin Logo

node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.

All the languages supported by Casbin:

golang java nodejs php
Casbin jCasbin node-Casbin PHP-Casbin
production-ready production-ready production-ready production-ready
python dotnet c++ rust
PyCasbin Casbin.NET Casbin-CPP Casbin-RS
production-ready production-ready beta-test production-ready

Documentation

https://casbin.org/docs/overview

Installation

```shell script

NPM

npm install casbin —save

Yarn

yarn add casbin

  2. ## Get started
  4. New a `node-casbin` enforcer with a model file and a policy file, see [Model](#official-model) section for details:
  6. ```node.js
  7. // For Node.js:
  8. const { newEnforcer } = require('casbin');
  9. // For browser:
  10. // import { newEnforcer } from 'casbin';
  12. const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');

Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.

Add an enforcement hook into your code right before the access happens:

  1. const sub = 'alice'; // the user that wants to access a resource.
  2. const obj = 'data1'; // the resource that is going to be accessed.
  3. const act = 'read'; // the operation that the user performs on the resource.
  5. // Async:
  6. const res = await enforcer.enforce(sub, obj, act);
  7. // Sync:
  8. // const res = enforcer.enforceSync(sub, obj, act);
  10. if (res) {
  11.   // permit alice to read data1
  12. } else {
  13.   // deny the request, show an error
  14. }

Besides the static policy file, node-casbin also provides API for permission management at run-time.
For example, You can get all the roles assigned to a user as below:

  1. const roles = await enforcer.getRolesForUser('alice');

See Policy management APIs for more usage.

Policy management

Casbin provides two sets of APIs to manage permissions:

  • Management API: the primitive API that provides full support for Casbin policy management.
  • RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.

Official Model

https://casbin.org/docs/supported-models

Policy persistence

https://casbin.org/docs/adapters

Policy consistence between multiple nodes

https://casbin.org/docs/watchers

Role manager

https://casbin.org/docs/role-managers

Contributors

This project exists thanks to all the people who contribute.

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]










License

This project is licensed under the Apache 2.0 license.

Contact

If you have any issues or feature requests, please contact us. PR is welcomed.