As stated in the README, the authorizer works by mapping the url to obj, the method to act and the user to sub. All these 3 fields come from the Express.Request object. I understand how it works when using the default BasicAuthorizer, but could not see how the request object is passed to the customized authorizer instance. Correct me if I am wrong.
Fix
This patch allows the user to pass the constructor of the Authorizer class to authz instead of an instance. By doing so the authz function can pass the request object to the constructor to create an instance so that the instance has access to the correct request object.
Notes
README has been updated to reflect the change
the husky commit hook is deleted because the prettier keeps failing in my dev environment and I couldn't commit with this hook. Please can a maintainer revert this?
Problem
As stated in the README, the authorizer works by mapping the url to
obj
, the method toact
and the user tosub
. All these 3 fields come from theExpress.Request
object. I understand how it works when using the defaultBasicAuthorizer
, but could not see how the request object is passed to the customized authorizer instance. Correct me if I am wrong.Fix
This patch allows the user to pass the constructor of the
Authorizer
class toauthz
instead of an instance. By doing so theauthz
function can pass the request object to the constructor to create an instance so that the instance has access to the correct request object.Notes