Node-Casbin
!NPM versionnpm-imagenpm-url
!NPM downloaddownload-imagedownload-url
Sponsored by
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://cdn.casbin.org/img/stytch-white.png">
<source media="(prefers-color-scheme: light)" srcset="https://cdn.casbin.org/img/stytch-charcoal.png">
<img src="https://cdn.casbin.org/img/stytch-charcoal.png" width="275">
</picture>
Build auth with fraud prevention, faster.
Try Stytch for API-first authentication, user & org management, multi-tenant SSO, MFA, device fingerprinting, and more.
š Looking for an open-source identity and access management solution like Okta, Auth0, Keycloak ? Learn more about: Casdoor
News: still worry about how to write the correct
node-casbin
policy? Casbin online editor is coming to help!node-casbin
is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.All the languages supported by Casbin:
| | | | | | -------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | | Casbin | jCasbin | node-Casbin | PHP-Casbin | | production-ready | production-ready | production-ready | production-ready || | | | | | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | | PyCasbin | Casbin.NET | Casbin-CPP | Casbin-RS | | production-ready | production-ready | beta-test | production-ready |
Documentation
https://casbin.org/docs/overviewInstallation
```shell scriptNPM
npm install casbin --saveYarn
yarn add casbin
## Get started
New a `node-casbin` enforcer with a model file and a policy file, see [Model](#official-model) section for details:
```node.js
// For Node.js:
const { newEnforcer } = require('casbin');
// For browser:
// import { newEnforcer } from 'casbin';
const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');
Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.
Add an enforcement hook into your code right before the access happens:
```node.js const sub = 'alice'; // the user that wants to access a resource. const obj = 'data1'; // the resource that is going to be accessed. const act = 'read'; // the operation that the user performs on the resource.
// Async: const res = await enforcer.enforce(sub, obj, act); // Sync: // const res = enforcer.enforceSync(sub, obj, act);
if (res) { // permit alice to read data1 } else { // deny the request, show an error }
Besides the static policy file, `node-casbin` also provides API for permission management at run-time.
For example, You can get all the roles assigned to a user as below:
```node.js
const roles = await enforcer.getRolesForUser('alice');
See Policy management APIs for more usage.
Policy management
Casbin provides two sets of APIs to manage permissions:- Management API: the primitive API that provides full support for Casbin policy management.
- RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.
Official Model
https://casbin.org/docs/supported-modelsPolicy persistence
https://casbin.org/docs/adaptersPolicy consistence between multiple nodes
https://casbin.org/docs/watchersRole manager
https://casbin.org/docs/role-managersContributors
This project exists thanks to all the people who contribute.Backers
Thank you to all our backers! š Become a backerSponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. Become a sponsorLicense
This project is licensed under the Apache 2.0 license.Contact
If you have any issues or feature requests, please contact us. PR is welcomed.- https://github.com/casbin/node-casbin/issues
- hsluoyz@gmail.com
- Tencent QQ group: 546057381