passport-scope-restrict

Enforce authorization based on OAuth scopes set by Passport.js.

npm install passport-scope-restrict
1 downloads in the last week
4 downloads in the last month

passport-scope-restrict Build Status

Enforce authorization based on OAuth scopes set by Passport.js.

This is typically used to protect an API by requiring that the scopes associated with the client are allowed to call the API. Check out passport-http-bearer for one strategy you can build on to achieve this.

Examples

var express = require('express')
  , passport = require('passport')
  , restrict = require('passport-scope-restrict');

// setup your Express app, and configure Passport with some strategy which add `scopes` to `req.authInfo`.

app.use('/api/admin', restrict('admin'));

License

MIT. See LICENSE for details.

npm loves you