casbin

			Stars	Issues	Version	Updated	Created	Size
	casbin		2,490	22	5.30.0	24 days ago	6 years ago

Node-Casbin

!NPM version npm-image npm-url !NPM download download-image download-url

^{Sponsored by}

<picture>
  <source media="(prefers-color-scheme: dark)" srcset="https://cdn.casbin.org/img/stytch-white.png">
  <source media="(prefers-color-scheme: light)" srcset="https://cdn.casbin.org/img/stytch-charcoal.png">
  <img src="https://cdn.casbin.org/img/stytch-charcoal.png" width="275">
</picture>

Build auth with fraud prevention, faster.
Try Stytch for API-first authentication, user & org management, multi-tenant SSO, MFA, device fingerprinting, and more.

💖 Looking for an open-source identity and access management solution like Okta, Auth0, Keycloak ? Learn more about: Casdoor

News: still worry about how to write the correct node-casbin policy? Casbin online editor is coming to help!

node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.

All the languages supported by Casbin:

| | -------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- | | Casbin | jCasbin | node-Casbin | PHP-Casbin | | production-ready | production-ready | production-ready | production-ready |
|

| | ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------- | | PyCasbin | Casbin.NET | Casbin-CPP | Casbin-RS | | production-ready | production-ready | beta-test | production-ready |

Documentation

https://casbin.org/docs/overview

Installation

```shell script

NPM

npm install casbin --save

Yarn

yarn add casbin

## Get started

New a `node-casbin` enforcer with a model file and a policy file, see [Model](#official-model) section for details:

```node.js
// For Node.js:
const { newEnforcer } = require('casbin');
// For browser:
// import { newEnforcer } from 'casbin';

const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');

Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.

Add an enforcement hook into your code right before the access happens:
```node.js const sub = 'alice'; // the user that wants to access a resource. const obj = 'data1'; // the resource that is going to be accessed. const act = 'read'; // the operation that the user performs on the resource.
// Async: const res = await enforcer.enforce(sub, obj, act); // Sync: // const res = enforcer.enforceSync(sub, obj, act);
if (res) { // permit alice to read data1 } else { // deny the request, show an error }

Besides the static policy file, `node-casbin` also provides API for permission management at run-time.
For example, You can get all the roles assigned to a user as below:

```node.js
const roles = await enforcer.getRolesForUser('alice');

See Policy management APIs for more usage.

Policy management

Casbin provides two sets of APIs to manage permissions:

Management API: the primitive API that provides full support for Casbin policy management.
RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.