This uses the Fetch API, so technically it could work in the browser too. This is not recommended due to the need to handle PalAuth Client Secret tokens for the requests, as well as CORS restrictions.

Supported features

Currently, only the /check method is supported. This checks if a given user has a given permission, returning a simply boolean answer.

Installation

Because NPM is evil, this package is instead hosted within this Gitea repo.

Installing it isn't too hard! Just follow these simple steps.

Create (or modify) a .yarnrc.yml file (either in your home directory to configure globally, or in the root of the package where you want to install):

npmScopes:
 paltiverse:
   npmRegistryServer: "https://gitea.palk.me/api/packages/paltiverse/npm/"

You will now be able to install any public @paltiverse packages (either for all projects if you added this to your home directory, or just for the current project if you added it there).

In the package where you want to install the client, run:

yarn add @paltiverse/palauth-iam-node

For more details, see the Gitea docs.

Usage

import PalAuthIAMClient from "@paltiverse/palauth-iam-node"

const client = new PalAuthIAMClient({
    clientID: "abcdef",
    clientSecret: "abcdef",
    // If not using auth.palk.me:
    baseURL: "https://<my-palauth-instance>/iam",
})

const isAllowed = await client.checkPermission({
    userId: "abcdef",
    permission: "repositories.issues.create",
})

License

GNU GPL 3.0. See LICENSE.md.