In this post, We gonna build an access control layer using
express-jwt-permissions for express based application. ACL will keep users from accessing information not meant for them.
We gonna create the express.js application to role-based access control example.
let’s create a folder called
$ mkdir aclJWTExpress
After creating, change the directory to
$ cd aclJWTExpress
Now initialize the project with npm init command
$ npm init --yes
--yes tells npm to use the default options while generating the
package.json so you are not asked any questions
After running the command above, you should have a
package.json file in the
Below are the npm modules that we are going to use in this tutoiral
express - The popular Node framework
express-jwt-permissions - Permissions middleware for JWT tokens
body-parser - Will let us get parameters from our POST requests
jsonwebtoken - JSON Web Token sign and verification
sequelize - Sequelize is a promise-based ORM for Node.js v4 and up
sequelize-cli - sequelize-cli is usful to generate model, migration file..etc
mysql2 - MySQL client for Node.js with focus on performance
Install all the dependencies with below command
npm install --save express body-parser sequelize-cli sequelize mysql2 jsonwebtoken express-jwt-permissions jsonwebtoken
Now create an empty project with sequelize cli init command. It will generate migrations, seeders, config and models directories, and defulat config file.
$ node_modules/.bin/sequelize init
I got the following log in my console:
Created "config\config.json" Successfully created models folder at "C:\Users\arjun\aclJWTExpress\models". Successfully created migrations folder at "C:\Users\arjun\aclJWTExpress\migrations". Successfully created seeders folder at "C:\Users\arjun\aclJWTExpress\seeders".
If you are using windows OS, open
models/index.js file and correct the config file path.
var config = require(__dirname + '/..\config\config.json')[env]; to
var config = require(__dirname + '/../config/config.json')[env];