Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
KonstantoS2015-06-30 23:18:50
Node.js
KonstantoS, 2015-06-30 23:18:50

Express.js How to define "next()" module in middleware (role-based access system) or pass a parameter?

Good day, I'm sawing a system with a role-playing access model. Now I have each router - a separate module. Would like to do something like this:

var roleModule = require(./libs/roles);
var events = require('./controllers/events');

app.use(roleModule.hasPermission);
app.use('/events', events);
...

At the same time, before calling roleModule.hasPermission, data about the user (id, role ..) has already been written to req.currUser.
I want to somehow determine which module they are trying to access in order to look at the permissions.
I don't want to cut the bike through req.path. I also don't want to do something like this in every controller:
var roleModule = require(./libs/roles);
router.use(function(req,res,next){
        roleModule.hasPermission(req.currUser.role,'%moduleName%',function(permitted){
              if(permitted)
                  next();
        });
});

Maybe there is a better method? My version above will give extra lines of code, I want to be more concise.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
I
Ilya Shatokhin, 2015-07-01
@KonstantoS 

var roleModule = require(./libs/roles);
var checkRole = function (name) { // пишем middleware один раз и для всех, передаем имя роутера через замыкание
  return function (req, res, next) {
    roleModule.hasPermission(req.currUser.role, name, function(permitted){ // возвращать флаг первым параметром ОЧЕНЬ плохая практика, по соглашению в node.js первым аргумент в коллбеке должна быть ошибка
      if (permitted)
        next();
      else
        res.sendStatus(403);
    })
  }
}

var router = express.Router();
router.use(checkRole("%name")); // где name это имя вашего модуля
app.use('/user', router);

Report
A
Alexander Litvinenko, 2015-06-30
@edli007 

app.all( '/cabinet/*', checkRole, function( req, res, next){
    ....
    next();
});

Similar questions
Y
YaRobot2017-03-29 15:10:39
Symfony ApiDoc FOSRestBundle and NelmioApiDocBundle (swagger)? 2Reply
K
krotish2015-06-22 10:28:55
How to compile chan_dongle under Tomato by Shibby (optware, Cross compilation)? 2Reply
B
BonBon Slick2017-06-11 18:13:14
Bootstrap 4, disable past dates for input type date? 2Reply
S
Sakura_Dub2019-12-16 18:40:04
I am writing a Discord bot, I get this error, how to solve it? 2Reply
A
Andrey Fedorov2015-08-19 22:13:50
Why fonts are not connected + https://developers.google.com/speed/pagespeed/insights? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question