Popularity
6.2
Growing
Activity
6.6
-
2,458
20
209

Monthly Downloads: 0
Programming language: TypeScript
License: Apache License 2.0
Tags: Authorization    
Latest version: v5.19.2

node-casbin alternatives and similar modules

Based on the "Authorization" category.
Alternatively, view node-casbin alternatives based on common mentions on social networks and blogs.

  • CASL

    CASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access
  • oso

    Oso is a batteries-included framework for building authorization in your application.

Do you think we are missing an alternative of node-casbin or a related project?

Add another 'Authorization' Module

README

Node-Casbin

NPM version NPM download install size codebeat badge GitHub Actions Coverage Status Release Gitter

๐Ÿ’– Looking for an open-source identity and access management solution like Okta, Auth0, Keycloak ? Learn more about: Casdoor

News: still worry about how to write the correct node-casbin policy? Casbin online editor is coming to help!

[casbin Logo](casbin-logo.png)

node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.

All the languages supported by Casbin:

golang java nodejs php
Casbin jCasbin node-Casbin PHP-Casbin
production-ready production-ready production-ready production-ready
python dotnet c++ rust
PyCasbin Casbin.NET Casbin-CPP Casbin-RS
production-ready production-ready beta-test production-ready

Documentation

https://casbin.org/docs/en/overview

Installation

```shell script

NPM

npm install casbin --save

Yarn

yarn add casbin


## Get started

New a `node-casbin` enforcer with a model file and a policy file, see [Model](#official-model) section for details:

```node.js
// For Node.js:
const { newEnforcer } = require('casbin');
// For browser:
// import { newEnforcer } from 'casbin';

const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');

Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.

Add an enforcement hook into your code right before the access happens:

const sub = 'alice'; // the user that wants to access a resource.
const obj = 'data1'; // the resource that is going to be accessed.
const act = 'read'; // the operation that the user performs on the resource.

// Async:
const res = await enforcer.enforce(sub, obj, act);
// Sync:
// const res = enforcer.enforceSync(sub, obj, act);

if (res) {
  // permit alice to read data1
} else {
  // deny the request, show an error
}

Besides the static policy file, node-casbin also provides API for permission management at run-time. For example, You can get all the roles assigned to a user as below:

const roles = await enforcer.getRolesForUser('alice');

See Policy management APIs for more usage.

Policy management

Casbin provides two sets of APIs to manage permissions:

  • Management API: the primitive API that provides full support for Casbin policy management.
  • RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.

Official Model

https://casbin.org/docs/en/supported-models

Policy persistence

https://casbin.org/docs/en/adapters

Policy consistence between multiple nodes

https://casbin.org/docs/en/watchers

Role manager

https://casbin.org/docs/en/role-managers

Contributors

This project exists thanks to all the people who contribute.

Backers

Thank you to all our backers! ๐Ÿ™ [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

License

This project is licensed under the [Apache 2.0 license](LICENSE).

Contact

If you have any issues or feature requests, please contact us. PR is welcomed.


*Note that all licence references and agreements mentioned in the node-casbin README section above are relevant to that project's source code only.