
Role Based Access Control implementation in Node.js

Primary language: TypeScript. License: MIT.

Role-based Access Control implementation

Role-based Access Control (RBAC) is a security mechanism used in software systems to manage and restrict access to resources according to the predefined role(s) assigned to each user of the system. Permissions are attached to roles rather than to individual users, so a request is granted only when the caller's role carries the permission the requested resource requires.

Getting started

This repository provides an implementation of Role-Based Access Control (RBAC) to secure a RESTful API by protecting resources from unauthorized access. It ensures that only authorized users, those whose role has the required permissions for a specific resource, can gain access.
JSON serves as the representational format for the endpoints, facilitating seamless integration with front-end applications, whether web, mobile, or other platforms.

Note: The users referred to here are database-seeded. The scope of this repo is narrowed to focus on the RBAC implementation; user signup and login are not covered here. If that is a feature you would like to build on top, this repo is a meticulous guide to all the features of typical user authentication, such as sign up, login, password reset, ....

TypeScript is used extensively for strong type safety.
The project is open to suggestions, bug reports and pull requests.

Technologies used

  • TypeScript
  • Node.js with the Express framework
  • TypeORM as the ORM, with MySQL as the database.

How to run

Ensure you have Node.js and MySQL installed on the platform you wish to run this project. Node.js version 18.11+ is recommended.

  1. Clone this repository

    Clone the project into your local computer:

    git clone https://github.com/hane-smitter/RBAC_node_impl.git
  2. Install dependencies

    Change into directory with the project and run:

    npm install
  3. Set up environment variables

    Copy .env.example file into a new file with the name: .env. The command in Linux:

    cp .env.example .env

    You should have the following variables:

    DB_USER=
    DB_PASS=
    DB_HOST=
    DB_PORT=
    SERVER_PORT=

    DB_USER - The database user name, e.g. root.
    DB_PASS - The password of that database user. Leave empty only if no password is needed (a local development database, for example).
    DB_HOST - The host of the database. If you have installed MySQL locally, this should be 127.0.0.1.
    DB_PORT - The port the database engine is listening on. The MySQL default port is 3306. If it has been changed, provide the changed value here.
    SERVER_PORT - The port our server will listen on when the application is run. If left empty, it defaults to 3000.

    In the .env, provide the values for these variables. The .env file holds credentials, so keep it out of version control; only .env.example (with empty values) belongs in the repository.

  4. Seed users

    API routes are protected; the home (/) route is the only exception. To gain access you need to be a user whose role has the required permissions for the particular resource.

    To seed users with assigned roles, run:

    npm run seed

    The following users, with their assigned roles, will be created:

    firstName    lastName    role
    Hakuna       Matata      Super Admin
    Cinderella   Mitchell    Manager
    Malik        Tembo       Admin
    John         Doe         User
    Linda        Okello      Guest
    Eva          Stephanie   Guest

    The image below shows the permissions under each role:

    [Image: Roles with their permissions.]
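To make concrete the mechanism described in Getting started (a role carries permissions, and a route is reachable only when the caller's role has the permission that route requires) and the protected-routes behaviour described in step 4, here is an added example of a role-based authorization check written in the shape of an Express middleware. This is example code written for this README, not the project's own implementation. The role names are the seeded ones listed above; the permission strings (`user:read` and so on), the role-to-permission mapping, and the `Req`/`Res` shapes are assumptions made so the example runs without Express or a database. In the project itself the mapping is what the seed script loads into MySQL and what the image above depicts.

```typescript
// Added example (not the project's code). Role names match the seeded roles in this
// README; the permission strings and the role -> permission table are assumptions.
type Permission = "user:read" | "user:write" | "user:delete" | "report:read";

// Assumed mapping of role name -> permissions granted to that role.
const rolePermissions: Readonly<Record<string, readonly Permission[]>> = {
  "Super Admin": ["user:read", "user:write", "user:delete", "report:read"],
  Admin: ["user:read", "user:write", "report:read"],
  Manager: ["user:read", "report:read"],
  User: ["user:read"],
  Guest: [],
};

interface AuthenticatedUser {
  firstName: string;
  lastName: string;
  role: string; // role name as stored with the user; may not exist in the table above
}

// Minimal request/response shapes so the example runs without Express installed.
interface Req { user?: AuthenticatedUser | undefined; }
interface Res { status(code: number): Res; json(body: unknown): Res; }
type Next = () => void;

function hasPermission(role: string, required: Permission): boolean {
  // Own-property check: a role name that is not in the table, including names such as
  // "constructor" that every object inherits from its prototype, gets no permissions.
  if (!Object.prototype.hasOwnProperty.call(rolePermissions, role)) return false;
  const granted = rolePermissions[role];
  return granted !== undefined && granted.indexOf(required) !== -1;
}

// Middleware factory. Deny by default: 401 when no authenticated user is attached to the
// request (seeding/authentication is outside this README's scope), 403 when the user's
// role lacks the permission the route requires. Only then is the route handler reached.
function authorize(required: Permission) {
  return (req: Req, res: Res, next: Next): void => {
    if (!req.user) {
      res.status(401).json({ error: "Unauthorized" });
      return;
    }
    if (!hasPermission(req.user.role, required)) {
      res.status(403).json({ error: "Forbidden" });
      return;
    }
    next();
  };
}

// Stand-in for Express's response object, used only to exercise the middleware offline.
class FakeRes implements Res {
  statusCode = 200;
  body: unknown = undefined;
  status(code: number): this { this.statusCode = code; return this; }
  json(body: unknown): this { this.body = body; return this; }
}

// Runs the middleware for one request and returns the HTTP status the route would produce.
function simulate(user: AuthenticatedUser | undefined, required: Permission): number {
  const res = new FakeRes();
  let reachedHandler = false;
  authorize(required)({ user: user }, res, () => { reachedHandler = true; });
  return reachedHandler ? 200 : res.statusCode;
}

// Constructed users mirroring two of the seeded names in this README.
const superAdmin: AuthenticatedUser = { firstName: "Hakuna", lastName: "Matata", role: "Super Admin" };
const guest: AuthenticatedUser = { firstName: "Linda", lastName: "Okello", role: "Guest" };

console.log(simulate(superAdmin, "user:delete")); // 200
console.log(simulate(guest, "user:read"));        // 403
console.log(simulate(undefined, "user:read"));    // 401
```

In a real Express app the factory would be applied per route, for example `app.delete("/users/:id", authorize("user:delete"), handler)`, after whatever authentication step attaches `req.user`. Two details matter for security: the check is deny-by-default, so a role that is missing from the table (a typo in seed data, or a role removed later) grants nothing rather than everything, and the distinction between 401 and 403 tells the client whether to authenticate or to stop retrying, without revealing which permissions exist.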