Skip to content

biscuit-auth/biscuit-node-express

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
examples
examples
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

express-biscuit

Express authorization middleware using Biscuit tokens and policies

Example usage:

const express = require('express')
const express_biscuit = require('@biscuit-auth/express-biscuit')
const {fact} = require('@biscuit-auth/express-biscuit')
const app = express()

const pubKey = "dfd559075dcf56c8c6777fbd3c553827dd51645bb8ee87a975a172980f8f16e5"

app.get('/user/:user_id',
  express_biscuit({
    // the root public key used to verify the signature
    publicKey: pubKey,
    // a list of static authorizer policies
    policies: "check if user(1); allow if true;",
    // the extractor method is used to get data from the request and
    // create authorizer facts from it
    extractor: function(req, authorizer) {
      authorizer.add_fact(
        // you can use template strings to create the facts, this prevents
        // injection issues when integrating user controlled data
        fact`user(${parseInt(req.params.user_id)})`
      )
    }
  }),
  function (req, res) {
    res.send('Hello '+req.params.user_id+"\n")
})

About

express authorization middleware for Biscuit tokens

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Languages