Skip to content

Instantly share code, notes, and snippets.

@jeffwhelpley
jeffwhelpley / gist:6059715
Last active December 20, 2015 02:58
This is a design spec for a configuration-based Node.js NoSql security access library.

Node.js CRUD Configurator

The past 2 months I have been focused almost exclusively on building a new, exciting product for GetHuman. I am using the MEEAN stack (i.e. MongoDB Express.js ElasticSearch AngularJS Node.js), which basically means doing a boat load of JavaScript development. As someone who has done a lot of JavasScript development can tell you, there are a ton of open source libraries out there that can help speed your development and improve the quality of your code.

In fact, there are so many great libraries out there that I am always surprised when I can't find a good one for something that I think is a common problem. One such problem came up a couple weeks ago and I was inspired to create a solution which I hope to turn into a new open source library.

Problem

When an API is exposed with multiple roles and perhaps even multiple permission levels within each role, it takes a decent amount of code to properly control security access. For example, here are some examples of role based secu