Provides dynamic role-based authorisation, built on koa-roles.
$ npm i egg-userrole --save
// {app_root}/config/plugin.js
// Plugin entry for egg-userrole; `package` names the npm module installed above.
exports.userrole = { package: 'egg-userrole' };
We recommend using it together with a custom userservice plugin (which provides ctx.user); see egg-userservice for more info.
Roles
Built-in failureHandler:
/**
 * Default response for a request that failed a role check.
 *
 * @param {object} ctx - request context; `acceptJSON` selects the response shape.
 * @param {string} action - name of the role that was required.
 */
function failureHandler(ctx, action) {
  const message = 'Forbidden, required role: ' + action;

  // Non-JSON clients get an explicit 403 with the plain-text reason.
  if (!ctx.acceptJSON) {
    ctx.status = 403;
    ctx.body = message;
    return;
  }

  // NOTE(review): this branch assigns only ctx.body, never ctx.status, so the
  // status is whatever the framework derives (presumably not 403). Confirm
  // this if clients, proxies or alerting key off the status code for denials.
  ctx.body = { message, stat: 'deny' };
}
Built-in user role definition:
// The `user` role passes for any truthy ctx.user, so it is only as strong as
// whatever populates ctx.user (the userservice plugin mentioned above).
app.role.use('user', ctx => Boolean(ctx.user));
Define app.role.failureHandler(action)
method in config/role.js
app/extend/context.js
// {app_root}/config/role.js or {framework_root}/config/role.js
// Replaces the built-in failureHandler: denied requests are sent to the login
// page instead of receiving a "Forbidden" message.
// NOTE(review): `loginURL` is not defined in this snippet; the application must
// supply it. Keep it a fixed, trusted value rather than one derived from the
// request, since it is used as a redirect target.
module.exports = app => {
  app.role.failureHandler = function(ctx, action) {
    if (!ctx.acceptJSON) {
      // realStatus is set before the redirect; its exact effect is defined by
      // the framework and is not visible here.
      ctx.realStatus = 200;
      ctx.redirect(loginURL);
      return;
    }

    // JSON clients get the login target in the body; no status is set here.
    ctx.body = { target: loginURL, stat: 'deny' };
  };
};
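// {app_root}/config/role.js or {framework_root}/config/role.js
// Registers the application's custom roles. Each handler receives the request
// context and decides whether the current request holds the role.
module.exports = function(app) {
  // `admin`: requires a user whose isAdmin flag is truthy. Coerced to a
  // boolean so the handler never returns undefined or the raw flag value.
  app.role.use('admin', ctx => {
    return Boolean(ctx.user && ctx.user.isAdmin);
  });

  // `can write`: the current user must be the author of the referenced post.
  app.role.use('can write', async ctx => {
    // ctx.user can be absent (the other roles guard for it); deny anonymous
    // requests instead of throwing on ctx.user.name.
    if (!ctx.user) {
      return false;
    }

    // The post id is taken from the request body, so it is client-controlled.
    const post = await ctx.service.post.fetch(ctx.request.body.id);

    // Presumably fetch yields nothing for an unknown id; deny rather than
    // throw on post.author.
    if (!post) {
      return false;
    }

    // NOTE(review): if name and author can both be undefined this comparison
    // passes; confirm both fields are always populated.
    return ctx.user.name === post.author;
  });
};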
Please open an issue here.