You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In many APIs in the wild there are some common requirements which are not mentioned in the README:
Authentication: The ability for a user to prove who they are to the server. (Can be stateless, e.g. with JWT.)
Access control: The ability for the system to restrict access of some data and operations to certain users.
I do not expect restify-mongoose to provide implementations of these features, but if restify-mongoose can support these behaviours, it would be helpful to see them documented in the README.
For example, something like this could be reassuring, and could increase adoption:
// If you want auth:
// server.use(restify.plugins.authorizationParser());
// If you want access control:
// server.get('/notes', notes.queryVisibleToUser());
// server.get('/notes/:id', checkUserCanView, notes.detail());
// server.post('/notes', checkUserCanAdd, notes.insert());
// server.patch('/notes/:id', checkUserCanModify, notes.insert());
// server.del('/notes/:id', checkUserIsOwner, notes.remove());
I am not sure if the code above would be the most appropriate solution. That's why I'm asking here!
The text was updated successfully, but these errors were encountered:
In many APIs in the wild there are some common requirements which are not mentioned in the README:
Authentication: The ability for a user to prove who they are to the server. (Can be stateless, e.g. with JWT.)
Access control: The ability for the system to restrict access of some data and operations to certain users.
I do not expect restify-mongoose to provide implementations of these features, but if restify-mongoose can support these behaviours, it would be helpful to see them documented in the README.
For example, something like this could be reassuring, and could increase adoption:
I am not sure if the code above would be the most appropriate solution. That's why I'm asking here!
The text was updated successfully, but these errors were encountered: