Created
November 12, 2012 00:28
-
-
Save garth/4056917 to your computer and use it in GitHub Desktop.
Authorise middleware for use with passportjs or similar
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // check that the user has the correct role for access to the route. | |
| // to use, ensure that user has a roles array then add the following to routes | |
| // | |
| // app.get('/admin-route', app.authorise('admin', 'super-admin'), function (req, res) { ... }) | |
| // | |
| app.authorise = app.authorize = function () { | |
| var roles = Array.prototype.slice.call(arguments) | |
| return function (req, res, next) { | |
| if (req.user && _.any(roles, function (role) { | |
| return req.user.roles.indexOf(role) !== -1 | |
| })) { | |
| next() | |
| } | |
| else { | |
| res.send(403) | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment