News: still worry about how to write the correct node-casbin policy? Casbin online editor is coming to help!
node-casbin is a powerful and efficient open-source access control library for Node.JS projects. It provides support for enforcing authorization based on various access control models.
|  |  |  |  | 
|---|---|---|---|
| Casbin | jCasbin | node-Casbin | PHP-Casbin | 
| production-ready | production-ready | production-ready | production-ready | 
|  |  |  |  | 
|---|---|---|---|
| PyCasbin | Casbin.NET | Casbin-CPP | Casbin-RS | 
| production-ready | production-ready | beta-test | production-ready | 
https://casbin.org/docs/en/overview
# NPM
npm install casbin --save
# Yarn
yarn add casbinNew a node-casbin enforcer with a model file and a policy file, see Model section for details:
// For Node.js:
const { newEnforcer } = require('casbin');
// For browser:
// import { newEnforcer } from 'casbin';
const enforcer = await newEnforcer('basic_model.conf', 'basic_policy.csv');Note: you can also initialize an enforcer with policy in DB instead of file, see Persistence section for details.
Add an enforcement hook into your code right before the access happens:
const sub = 'alice'; // the user that wants to access a resource.
const obj = 'data1'; // the resource that is going to be accessed.
const act = 'read'; // the operation that the user performs on the resource.
// Async:
const res = await enforcer.enforce(sub, obj, act);
// Sync:
// const res = enforcer.enforceSync(sub, obj, act);
if (res) {
  // permit alice to read data1
} else {
  // deny the request, show an error
}Besides the static policy file, node-casbin also provides API for permission management at run-time.
For example, You can get all the roles assigned to a user as below:
const roles = await enforcer.getRolesForUser('alice');See Policy management APIs for more usage.
Casbin provides two sets of APIs to manage permissions:
- Management API: the primitive API that provides full support for Casbin policy management.
- RBAC API: a more friendly API for RBAC. This API is a subset of Management API. The RBAC users could use this API to simplify the code.
https://casbin.org/docs/en/supported-models
https://casbin.org/docs/en/adapters
https://casbin.org/docs/en/watchers
https://casbin.org/docs/en/role-managers
This project exists thanks to all the people who contribute.
Thank you to all our backers! 🙏 [Become a backer]
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]
This project is licensed under the Apache 2.0 license.
If you have any issues or feature requests, please contact us. PR is welcomed.
