Module: plugins/express

This module exports a function which creates express midddleware to test if a user has certain permissions. It assumes that there is a user property defined on the req object.

Source:
Example
const dmv = require('dmv');
const permits  = dmv.expressMiddleware.permits;
const hasRole  = dmv.expressMiddleware.hasRole;

router.use(permits('eat', 'bricks'));
router.use('/bricks/:id/eat');

// less robust!
router.use(hasRole('mason'));
router.use('/bricks')

// If the req.user doesn't have a role which gives it permission to eat bricks, a 401 will be sent.

Members

(inner, constant) permitsFactory

returns a function that is like permits but for an explicit noun

Source:

Methods

(static) user(cb)

Function to set method for pulling user off req or res

Parameters:
Name Type Description
cb function

your function to return user

Source:

(inner) getUser(req, res) → {User}

Default function to pull user off request object

Parameters:
Name Type Description
req Request
res Response
Source:
Returns:
Type
User

(inner) hasRole(verb, noun) → {middleware}

middleware factory to determine if req.user has a role

Parameters:
Name Type Description
verb string
noun string
Source:
Returns:
Type
middleware

(inner) permits(verb, noun) → {middleware}

middleware factory to determine if req.user has permission to noun a verb

Parameters:
Name Type Description
verb string
noun string
Source:
Returns:
Type
middleware