Page Contents
Home > @loopback/authorization
authorization package
A LoopBack 4 component for authorization support (Role based, Permission based, Vote based)
Remarks
To read on key building blocks read through LoopBack authorization docs
Classes
| Class | Description |
|---|---|
| AuthorizationComponent | |
| AuthorizationError | The custom error class that describes the error thrown by the authorization module. Should be extracted to the common layer shared by authentication and authorization. |
| AuthorizationInterceptor | |
| AuthorizeMethodDecoratorFactory |
Enumerations
| Enumeration | Description |
|---|---|
| AuthorizationDecision | Decisions for authorization |
Functions
| Function | Description |
|---|---|
| authorize(spec) | Decorator @authorize to mark methods that require authorization |
| getAuthorizationMetadata(target, methodName) | Fetch authorization metadata stored by @authorize decorator. |
Interfaces
| Interface | Description |
|---|---|
| AuthorizationContext | Request context for authorization |
| AuthorizationMetadata | Authorization metadata supplied via @authorize decorator |
| AuthorizationOptions | |
| AuthorizationRequest | Inspired by https://github.com/casbin/node-casbin |
| Enforcer | An enforcer of authorization policies |
Namespaces
| Namespace | Description |
|---|---|
| AuthorizationBindings | Binding keys used by authorization component. |
| AuthorizationTags | Binding tags used by authorization component |
| authorize |
Variables
| Variable | Description |
|---|---|
| ANONYMOUS | |
| AUTHENTICATED | |
| AUTHORIZATION_CLASS_KEY | |
| AUTHORIZATION_METHOD_KEY | |
| EVERYONE | Built-in roles |
| UNAUTHENTICATED |
Type Aliases
| Type Alias | Description |
|---|---|
| Authorizer | A function to decide if access to the target should be allowed or denied |