Sails APIs
express-js is a JavaScript SDK for Express.js and Sails.js. Secure your Sails APIs using Axioms authentication and authorization.
Prerequisite
- Node.js 9.0.0+
- An Axioms client which can obtain an access token after the user's authentication and authorization, and include the obtained access token as a bearer token in the Authorization header of all API requests sent to the Node/Sails application server.
Install SDK
Install the express-js SDK to your project.
Add Config
Create a .env file in your project root and add the following configs.
AXIOMS_CACHE_KEY_TIME is an optional value in milliseconds. It defaults to 600000 milliseconds, i.e. 10 minutes. Set it to 0 if you don't want to cache keys.
Inject config
Add the following to policies.js.
Guard Your API Views
Use the authentication and permission policies below to guard your API views.
Function | Description | Parameters |
---|---|---|
hasValidAccessToken | Checks that the API request includes a valid bearer access token in the Authorization header. The check covers token signature validation, expiry datetime validation, and token audience validation. | None. |
hasRequiredScopes | Checks whether any of the given scopes is included in the scope claim of the access token. | An array of strings, evaluated as a conditional OR, listing the allowed scope or scopes for the view. For instance, to check for openid or profile, pass ['profile', 'openid']. |
hasRequiredRoles | Checks whether any of the given roles is included in the roles claim of the access token. | An array of strings, evaluated as a conditional OR, listing the allowed role or roles for the view. For instance, to check for the sample:role1 or sample:role2 roles, pass ['sample:role1', 'sample:role2']. |
hasRequiredPermissions | Checks whether any of the given permissions is included in the permissions claim of the access token. | An array of strings, evaluated as a conditional OR, listing the allowed permission or permissions for the view. For instance, to check for the sample:create or sample:update permissions, pass ['sample:create', 'sample:update']. |
Examples
- Check that the openid or profile scope is present in the token. Then add a policy to policies.js which checks that the token is valid and contains one of the required scopes.
- Check that the sample:role role is present in the token. Then add a policy to policies.js which checks that the token is valid and contains one of the required roles.
- Check that a permission is present in the token at the API method level. Then add policies to policies.js which check that the token is valid and contains the required permission.
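The any-of semantics the table and examples above describe, as an added illustration that is not the Axioms SDK's own code: each check reads claims from an already-verified token (assumed here to sit in a hypothetical `req.auth` field populated by an earlier policy such as hasValidAccessToken) and is wrapped into a Sails-style policy function.

```javascript
// Added illustration, not the Axioms SDK's implementation. Assumes a prior
// policy has verified the token and stored its decoded claims in `req.auth`
// (hypothetical field name); these checks never inspect an unverified token.

// The OAuth 2.0 "scope" claim is a space-delimited string; roles and
// permissions are assumed to be string arrays, as in the table above.
function tokenScopes(claims) {
  const raw = claims && claims.scope;
  if (typeof raw !== 'string') return [];
  return raw.split(' ').filter(Boolean);
}

function claimList(claims, name) {
  const v = claims && claims[name];
  return Array.isArray(v) ? v.filter((x) => typeof x === 'string') : [];
}

// Conditional OR: true when the token carries at least one allowed value.
function hasAny(allowed, present) {
  const set = new Set(present);
  return allowed.some((a) => set.has(a));
}

function hasAnyScope(claims, allowed) { return hasAny(allowed, tokenScopes(claims)); }
function hasAnyRole(claims, allowed) { return hasAny(allowed, claimList(claims, 'roles')); }
function hasAnyPermission(claims, allowed) { return hasAny(allowed, claimList(claims, 'permissions')); }

// Sails-style policy factory with the (req, res, proceed) signature:
// 401 when no verified claims are present, 403 when the claim check fails.
function requireAny(check, allowed) {
  return function policy(req, res, proceed) {
    if (!req.auth) return res.status(401).json({ error: 'unauthorized' });
    if (!check(req.auth, allowed)) return res.status(403).json({ error: 'insufficient_claims' });
    return proceed();
  };
}

// Constructed sample payload for a local run; not a real token.
const sampleClaims = { scope: 'openid email', roles: ['sample:role2'], permissions: ['sample:create'] };

module.exports = { tokenScopes, hasAnyScope, hasAnyRole, hasAnyPermission, requireAny, sampleClaims };
```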
Sails Sample
To see a complete working example, download the Express sample from our GitHub repository or simply deploy to Heroku by clicking the following button. You will need to provide your Axioms domain and Axioms audience to complete the deployment.