AuthGuardian support for adding express.js permissions directly

We've been working hard on AuthGuardian to make securing every app, server, and
API as straight-forward as possible. Today we've pushed support for adding
[`express.js`](https://expressjs.com) permissions for our [`onegraph-auth
integration`](https://www.onegraph.com/docs/jwt_express.html) as a direct effect
inside AuthGuardian.

For example, if we wanted to only allow users to access the `/we-rock` route on
our express app if they were logged into Spotify, we could use these rules:

> When this user on Spotify login status is true
>
> Then On express js add permissions [`to-rock`]

and that would give us the resulting JWT:

``` json
{
  "iss": "OneGraph",
  "aud": "https://serve.onegraph.com/dashboard/app/00000000-0000-0000-0000-000000000000",
  "iat": 1579590299,
  "exp": 1579676699,
  "permissions": [
    "to-rock"
  ]
}
```

which we can use just like in our [example expressjs + AuthGuardian app](https://codesandbox.io/s/express-4jnjx):

``` javascript
app.get("/we-rock", guard.check(["audiophile"]), function(req, res) {
  // Now users can only access this route...
  // with express permission to-rock!
});
```

Check out the [source code of the example
app](https://github.com/OneGraph/onegraph-express-jwt-example) if you're looking
for how to get started with Express and AuthGuardian!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

AuthGuardian support for adding express.js permissions directly #44

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

AuthGuardian support for adding express.js permissions directly #44

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions