Add System for Authorization Checks about auth HOT 6 OPEN

Oh, interesting. I might be able to help with it. I'll have need of something like that in my app in a couple of weeks.

from auth.

I've posted a pitch on the forum here with some ideas: https://forums.swift.org/t/pitch-vapor-4-authorization-system/22980

from auth.

I like the implementation above but I feel like authentication and authorization shouldn't be part of the same package. This should be separate.

from auth.

This actually was a part of the first version of this package, we just didn't have time to port it over during Vapor 3's release. See: https://github.com/vapor/auth/tree/1.2.1/Sources/Authorization

Hopefully I'll have time for Vapor 4's release to work on it. I think the "policy" idea here is interesting. I also like how Laravel does it: https://laravel.com/docs/5.8/authorization.

from auth.

Cool, that would be greatly appreciated. For this large of a change, I'd recommend doing a pitch first to really flesh out the idea and get feedback before code is written. You can see a couple examples of that here:

https://forums.swift.org/tags/c/related-projects/vapor/pitch

from auth.

Hi @tanner0101

I started a generic package for RBAC. It's currently stalled as it can't compile with Swift 5 due to a regression I logged with the Swift team. It's based off the NIST model. I've used it with Yii and it allowed me really granular control over routes and to apply custom rule files to those routes. I was hoping to get it finished before Vapor 4. But depends on when this bug is fixed.
But if it sounds like it or aspects of it might be useful let me know i'd be happy to help. Gotta earn that contributor/maintainer badge somehow :)

from auth.