Express Policies
Express Middleware to authorize users to access specific resource
Installation
npm install express-policies --save
Usage
const Policy = require('express-policies');
const app = express();
const MyProfilePolicy = require('./app/requests/policies/MyProfilePolicy');
app.get('/my-profile', Policy(MyProfilePolicy), function(request, response, next) {
// if you are here, you have the correct authorizations
});
Your Policy should return a boolean value (true/false) and receive express.request object Ex.:
module.exports = function(request) {
return (request.token.user_id === request.body.user_id);
};