Casbin Auth

Casbin is a powerful and efficient open-source access control library for Go. It provides support for enforcing authorization based on various models. By far, the access control models supported by Casbin are:

  • ACL (Access Control List)
  • ACL with superuser
  • ACL without users: especially useful for systems that don’t have authentication or user log-ins.
  • ACL without resources: some scenarios may target for a type of resources instead of an individual resource by using permissions like write-article, read-log. It doesn’t control the access to a specific article or log.
  • RBAC (Role-Based Access Control)
  • RBAC with resource roles: both users and resources can have roles (or groups) at the same time.
  • RBAC with domains/tenants: users can have different role sets for different domains/tenants.
  • ABAC (Attribute-Based Access Control)
  • RESTful
  • Deny-override: both allow and deny authorizations are supported, deny overrides the allow.

Echo community contribution

Dependencies

  1. import (
  2.   "github.com/casbin/casbin"
  3.   "github.com/labstack/echo-contrib/casbin" casbin-mw
  4. )

Usage

  1. e := echo.New()
  2. e.Use(casbin-mw.Middleware(casbin.NewEnforcer("casbin_auth_model.conf", "casbin_auth_policy.csv")))

For syntax, see: Model.md.

Custom Configuration

Usage

  1. e := echo.New()
  2. ce := casbin.NewEnforcer("casbin_auth_model.conf", "")
  3. ce.AddRoleForUser("alice", "admin")
  4. ce.AddPolicy(...)
  5. e.Use(casbin-mw.MiddlewareWithConfig(casbin-mw.Config(
  6.   Enforcer: ce,
  7. )))

Configuration

  1. // Config defines the config for CasbinAuth middleware.
  2. Config struct {
  3.   // Skipper defines a function to skip middleware.
  4.   Skipper middleware.Skipper
  6.   // Enforcer CasbinAuth main rule.
  7.   // Required.
  8.   Enforcer *casbin.Enforcer
  9. }

Default Configuration

  1. // DefaultConfig is the default CasbinAuth middleware config.
  2. DefaultConfig = Config{
  3.   Skipper: middleware.DefaultSkipper,
  4. }