Skip to main content

Predefined Roles

Any decorator-mounted API paths are individually controllable in terms of authentication style and role requirements. HttpServerShim class itself is a generic type that is able to take in a template class {[roleName]: any} which you can define based on your application needs.

export class MyAppServer extends HttpServerShim<{
    ADMIN: boolean, // you can add more role rubric as part of server type
    USER: boolean,
    ...,
}> {
    ...

    @HTTP.POST(`/my-admin-api`)
    @HTTP.ACCESS(['ADMIN']) // only ADMIN role can invoke
    myAdminApiFunction = myAdminApiFunction

    ...
}

server.config.security.token.customHandler = async (
    op: HttpOp,
    token: string,
): Promise<Result<boolean>> => {
    // more authentications ...
    if (token === 'admin_token') {
      op.addApplicableRoles('ADMIN') // adds role ADMIN to current op context
    }
    return ok(true)
}