A middleware solution for integrating CASL authorization with GraphQL servers, with specific support for Postgraphile and Nuxt GraphQL Server.
- CASL integration with GraphQL resolvers
- Framework-specific helpers for Postgraphile and Nuxt
- Type-safe ability definitions
- Support for field-level permissions
- Ability to combine multiple authorization rules
```bash
pnpm add casl-graphql-middleware
```
```js
import { createCaslMiddleware } from 'casl-graphql-middleware'

const middleware = createCaslMiddleware({
  subjectMap: {
    User: 'User',
    Item: 'Item'
  },
  fieldPermissions: {
    'Item.price': [{ action: 'read', subject: 'item' }]
  }
})
```
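One way a field-permission map shaped like the one above can gate a resolver, as an added example that is not the package's own code. It assumes every listed `{ action, subject }` pair must be allowed and that the ability is available as `context.ability`; `buildAbility`, `guardField` and `tryRead` are hypothetical names, and the small ability object stands in for a CASL ability.

```javascript
// Added illustration: NOT the casl-graphql-middleware implementation.
// Assumption: each fieldPermissions entry lists { action, subject } pairs that
// must ALL be allowed before the field's resolver runs.

// Minimal stand-in with the same can(action, subject) call shape as a CASL
// ability. Subject names are compared as exact strings, as CASL does.
function buildAbility(rules) {
  return {
    can: (action, subject) =>
      rules.some(r => (r.action === action || r.action === 'manage') &&
                      (r.subject === subject || r.subject === 'all')),
  };
}

// Hypothetical helper: wrap a resolver so it is gated by the permission map.
function guardField(typeName, fieldName, fieldPermissions, resolve) {
  const required = fieldPermissions[`${typeName}.${fieldName}`] || [];
  return (parent, args, context, info) => {
    const ability = context && context.ability;
    for (const { action, subject } of required) {
      // Fail closed: a missing ability is treated the same as a denied one.
      if (!ability || !ability.can(action, subject)) {
        throw new Error(`Forbidden: ${action} ${subject} required for ${typeName}.${fieldName}`);
      }
    }
    return resolve(parent, args, context, info);
  };
}

// Constructed sample data.
const fieldPermissions = { 'Item.price': [{ action: 'read', subject: 'item' }] };
const priceResolver = guardField('Item', 'price', fieldPermissions, parent => parent.price);
const row = { id: 1, price: 42 };

// Returns the resolved value, or the string 'DENIED' when the guard throws.
function tryRead(context) {
  try { return priceResolver(row, {}, context, {}); } catch (e) { return 'DENIED'; }
}

console.log(tryRead({ ability: buildAbility([{ action: 'read', subject: 'item' }]) }));
console.log(tryRead({ ability: buildAbility([{ action: 'read', subject: 'Item' }]) }));
console.log(tryRead({})); // request with no ability attached
```

Because subject names are matched as exact strings, a rule granting `read` on `Item` does not satisfy a field requirement on `item`, so the names used in ability rules and in `fieldPermissions` need to agree.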
```js
import { postgraphile } from 'postgraphile'
import { postgraphileCaslPlugin } from 'casl-graphql-middleware'

const middleware = postgraphile(
  "postgres://user:pass@localhost:5432/db",
  'public',
  {
    // Register the CASL plugin through Postgraphile's schema plugin list
    appendPlugins: [
      postgraphileCaslPlugin({
        subjectMap: {
          User: 'app_user',
          Item: 'item'
        }
      })
    ]
  }
)
```
Create an ability:
```graphql
mutation CreateAbility {
  createAbility(input: {
    userId: "123",
    roles: ["admin"]
  }) {
    success
    ability
    message
  }
}
```
Test protected queries:
```graphql
query GetSecretData {
  getSecretData {
    id
    content
  }
}
```
- Node.js >= 20
- pnpm
- Docker and Docker Compose
- Clone the repository:

  ```bash
  git clone <repository-url>
  cd casl-graphql-middleware
  ```

- Install dependencies:

  ```bash
  pnpm install
  ```

- Run the Postgraphile example:

  ```bash
  pnpm dev:postgraphile
  ```
```
.
├── docker/
│   └── postgraphile/   # Postgraphile example implementation
├── src/
│   ├── middleware/     # Core CASL middleware
│   ├── types/          # TypeScript types
│   ├── helpers.ts      # Framework integrations
│   └── index.ts        # Main exports
```
- Implements CASL as a Postgraphile plugin
- Supports ability creation and management
- Integrates with Postgraphile's schema extension system
- Provides middleware for Nuxt's GraphQL module
- Handles ability creation on request
- Integrates with Nuxt's context system
- Fork the repository
- Create your feature branch
- Commit your changes
- Push to the branch
- Create a new Pull Request
MIT License
- Add comprehensive test suite
- Add more framework integrations
- Implement ability persistence
- Add more examples for different use cases
- Add documentation for advanced usage scenarios