-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: Implementation of Casbin Middleware #676
Conversation
🦋 Changeset detectedLatest commit: e05e1bb The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Hi @sugar-cat7 ! Sorry for the delayed response. I didin't know the Casbin, but looks good. I have questions, though I may not understand your intention perfectly. Does the I wonder if we can use some logic for Basic Auth in |
@yusukebe First of all, as a premise: Based on the above:
Since this is a framework for authorization, it primarily looks at information about users and their permissions. Regarding defaultCheckPermission, it checks the username and the predefined policy to determine if a user can access a particular endpoint.
No. Authentication is assumed to be implemented separately, and defaultCheckPermission looks at whether access should be allowed after the user has been authenticated.
It seems that the logic in the following link could be used here: However, it would be difficult to use the middleware as-is, so it would require re-implementing the same function (called |
Hi @sugar-cat7 Thank you for the response! I understood the purpose of Casbin well thanks to your explanation.
I think this is ideal and wonderful if we could use this middleware with the current
Exactly. We don't welcome exporting the private funcitons. |
@yusukebe I’ve made some modifications to the codebase. The changes are as follows:
I've included the specific usage for combining them in the README! |
Hi @sugar-cat7 Thank you for your explanation! Creating
As you said, it's better to create The type of type Auth = (request: Request) => { username: string; password: string } I can do it later, but can you create a PR to refactor like that on |
I have created a PR to move the functions to the utils directory! |
c6cd225
to
e0247df
Compare
@yusukebe |
package.json
Outdated
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change as following to export modules correctly:
diff --git a/packages/casbin/package.json b/packages/casbin/package.json
index 6d0be5f..da02259 100644
--- a/packages/casbin/package.json
+++ b/packages/casbin/package.json
@@ -3,9 +3,9 @@
"version": "1.0.1",
"description": "Casbin middleware for Hono",
"type": "module",
- "main": "dist/cjs/index.js",
- "module": "dist/esm/index.js",
- "types": "dist/esm/index.d.ts",
+ "main": "dist/index.cjs",
+ "module": "dist/index.js",
+ "types": "dist/index.d.ts",
"exports": {
".": {
"import": {
@@ -16,6 +16,16 @@
"types": "./dist/index.d.cts",
"default": "./dist/index.cjs"
}
+ },
+ "./helper": {
+ "import": {
+ "types": "./dist/helper/index.d.ts",
+ "default": "./dist/helper/index.js"
+ },
+ "require": {
+ "types": "./dist/helper/index.d.cts",
+ "default": "./dist/helper/index.cjs"
+ }
}
},
"files": [
@@ -23,7 +33,7 @@
],
"scripts": {
"test": "vitest --run",
- "build": "tsup ./src/index.ts --format esm,cjs --dts",
+ "build": "tsup ./src/index.ts ./src/helper/index.ts --format esm,cjs --dts",
"publint": "publint",
"release": "yarn build && yarn test && yarn publint && yarn publish"
},
@@ -48,4 +58,4 @@
"typescript": "^5.5.3",
"vitest": "^2.0.1"
}
-}
+}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed!
18b9d2a
packages/casbin/README.md
Outdated
import { Hono } from 'hono' | ||
import { basicAuth } from 'hono/basic-auth' | ||
import { newEnforcer } from 'casbin' | ||
import { casbin } from '@hono/cabin' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a typo. Should be @hono/casbin'
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed!
d0325f1
packages/casbin/README.md
Outdated
import { basicAuth } from 'hono/basic-auth' | ||
import { newEnforcer } from 'casbin' | ||
import { casbin } from '@hono/cabin' | ||
import { basicAuthorizer } from '@hono/cabin/helper' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also a typo.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed!
d0325f1
Thanks! I've added some comments. |
Sorry, I accidentally closed it. |
@yusukebe |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Thank! Let's go! |
@yusukebe |
@sugar-cat7 No worry. I'm fixing it. |
Fixed! |
@sugar-cat7 |
Casbin is a library that simplifies authorization control.(ACL, RBAC, etc...)
While major frameworks like Express and Nest have user-defined middleware available, Hono did not have such an implementation. Therefore, I have created one for Hono.
https://casbin.org/docs/middlewares/