1 | 'use strict'
|
2 |
|
3 | const Boom = require('boom')
|
4 | const express = require('express')
|
5 | const nock = require('nock')
|
6 | const Rbac = require('../lib')
|
7 |
|
8 |
|
// Stand-in for the remote authorization service, so the example runs without
// a real backend. Interceptors only match requests whose Authorization header
// contains "Bearer", one whitespace character and a non-whitespace run; the
// token value itself is never checked, so this mock exercises the permission
// flow only, not token validation.
const opts = {
  reqheaders: { authorization: /Bearer\s\S+/ }
}
const authService = nock('http://www.example.com', opts)

// A request for exactly ['users:read'] is granted: 200 after a 500 ms delay,
// for up to 1000 calls.
authService
  .post('/authorize', { permissions: ['users:read'] })
  .times(1000)
  .delay(500)
  .reply(200)

// Fallback meant to deny every other request body with 401.
// NOTE(review): confirm that the nock version in use treats the body '*' as a
// wildcard. If it is compared literally, other requests match no interceptor
// and surface as a request error rather than this 401.
authService
  .post('/authorize', '*')
  .times(1000)
  .delay(500)
  .reply(401)
|
25 |
|
26 |
|
// RBAC instance configured to delegate permission decisions to a remote
// endpoint. The URL is plain http, which is harmless in this example because
// nock intercepts the host and nothing leaves the process.
// NOTE(review): the mocked endpoint requires a bearer Authorization header on
// each call, so against a real service this URL should be https to keep that
// credential off the wire in clear text.
const remoteAuth = { url: 'http://www.example.com/authorize' }
const rbac = new Rbac({ remoteAuth })
|
32 |
|
const app = express()

// Protected route. The RBAC middleware runs first and is given the single
// permission 'users:read'; the content handler only runs if that middleware
// calls next() without an error (presumably after the remote service grants
// the permission; verify against ../lib).
const requireUsersRead = rbac.express.authorizeRemote(['users:read'])
const sendContent = (req, res) => {
  res.json({ message: 'You have acces to this awesome content!' })
}
app.get('/', requireUsersRead, sendContent)

// Deliberately unprotected: answers browser favicon requests with a bare 200
// so they never reach the authorization middleware.
app.get('/favicon.ico', (req, res) => {
  res.sendStatus(200)
})
|
42 |
|
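// Final error-handling middleware. Express recognises it by its four
// parameters, so `next` has to stay in the signature.
// Every error is normalised to a Boom error and only Boom's output status code
// and payload are sent to the client, never the raw error object or its stack.
app.use((err, req, res, next) => {
  // Once the response has started, status and body can no longer be set;
  // delegate to Express's default handler instead of throwing here.
  if (res.headersSent) {
    return next(err)
  }

  // Errors that did not originate from Boom are wrapped so that `output` is
  // always present; the parameter itself is left untouched.
  const boomError = err.isBoom ? err : Boom.wrap(err)

  return res
    .status(boomError.output.statusCode)
    .send(boomError.output.payload)
})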
|
51 |
|
// Start the example server on port 3000. No host is passed, so Node listens on
// all interfaces rather than loopback only.
app.listen(3000, () => {
  console.log('Listening @ 3000')
})
|