Lightweight connect based authorization middleware.
This library was extracted from an internal project where our authorization requirements where extremely simple. Large and more feature-rich libraries seemed like overkill. We also wanted something that is expressive and consistent with express.js' routes.
###Installation
npm install authorizer --save###Example
This example makes use of passport.js for authentication
var express = require('express')
var passport = require('passport');
var authorizer = require('authorizer');
var routes = [
{method : 'delete', path : '/api*', check : function(req) {return req.user.isAdmin();}},
{method : 'post', path : '/api/resource', check : function(req) {return req.user.isAdmin();}},
{method : 'post', path : '/api/auth*', check : authorizer.assertAlwaysOpen},
{method : 'get,post', path : '/api*', check : function(req) {return req.isAuthenticated();}},
{method : '*', path : '*', check : authorizer.assertAlwaysClosed}
];
app.configure(function() {
app.passport = passport;
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.cookieParser());
app.use(express.session({ secret: 'Some secret' }));
app.use(passport.initialize());
app.use(passport.session());
app.use(authorizer(routes));
app.use(app.router);
});