AderKonstantin/aderktech-chronark.com-
1
0
Fork 0
mirror of https://github.com/AderKonstantin/aderktech-chronark.com-.git synced 2025-06-08 21:58:41 +03:00
Code Issues Packages Projects Releases Wiki Activity
aderktech-chronark.com-/content/projects/access.mdx
Andreas Thomas d13531c222
redesign
2023-03-26 12:29:53 +02:00

76 lines
2.0 KiB
Plaintext
Raw Blame History

---
title: "@chronark/access"
description: A minimal library for access control. It is designed to be used together with opaque access tokens by providing a simple interface to define roles with different access permissions and verifying requests to resources.
repository: chronark/access
date: "2022-11-13"
published: true
---
A minimal library for access control. It is designed to be used together with opaque access tokens by providing a simple interface to define roles with different access permissions and verifying requests to resources.
- Fully typed
- Zero dependencies
- Serializable to store in a database
## Install
```sh-session
npm i @chronark/access
```
## Usage
```ts
import { AccessControl, Role } from "@chronark/access";
/**
* Define all your resources and their access patterns
*
* key => resource
* value => array of access types
*/
type Statements = {
user: ["read", "write", "dance"];
team: ["read", "write"];
};
/**
* Create an access control instance and pass the Statements type to enjoy full
* type safety
*/
const ac = new AccessControl<Statements>();
/**
* Now you can define one or more roles by specifying the access permissions
*
* This is already fully typed and typescript will let you know if you try to
* use anything, that is not defined in the Statements type.
*/
const role = ac.newRole({
user: ["read", "write"],
team: ["read"],
});
/**
* Simulate storing and retrieving the role in a database
*
* The idea here is, that you can store permissions alongside an API token.
* Now, when you verify the token, you can also verify the access permissions.
*/
const serialized = role.toString();
/**
* Note how you can pass in the Statements type again, to get full type safety
*/
const recovered = Role.fromString<Statements>(serialized);
/**
* Validate the role by specifying the resource and the required access
*
* everything is fully typed
*/
const res = recovered.authorize({"team", ["read"]});
// res.success => boolean
// res.error => string | undefined provides a reason for failure
```
Reference in New Issue View Git Blame Copy Permalink