Group/rule-based authorization approach in node.js and express.js

Question

What are good strategies for role-based authorization in express.js? Especially with express-resource?

With Express-resource there are no handlers, so I think there are

Answer 1

Connect-roles is quite good, simple and the documentation is also very clear.

var user = roles;

app.get('/profile/:id', user.can('edit profile'), function (req, res) {
  req.render('profile-edit', { id: req.params.id }); 
})
app.get('/admin', user.is('admin'), function (req, res) {
  res.render('admin');
}