granter

Composable, type-safe authorization for TypeScript

Get StartedView on GitHub
โœจ

Composable

Build complex permissions from simple rules with or, and, not operators

๐Ÿ”’

Type-safe

Full TypeScript inference with generic contexts and resources

โšก

Async-first

Works seamlessly with databases, APIs, and DataLoader batching

๐Ÿ”ง

Framework-agnostic

Works with Express, Hono, Next.js, GraphQL, React, and more

๐Ÿชถ

Zero dependencies

Lightweight and performant with no external dependencies

๐Ÿงช

Easy to test

Pure functions make permissions simple to test and debug

Quick Example

import { permission, or } from 'granter';

// Define permissions
const isAdmin = permission('isAdmin', (ctx) => 
  ctx.user.role === 'admin'
);

const isPostOwner = permission('isPostOwner', (ctx, post) => 
  post.authorId === ctx.user.id
);

// Compose permissions
const canEditPost = or(isPostOwner, isAdmin);

// Use them
if (await canEditPost(ctx, post)) {
  await updatePost(post);
}

// Or throw if not allowed
await canEditPost.orThrow(ctx, post);

Installation

npm install granter

Learn More

Getting Started โ†’

Install and use granter in 5 minutes

Core Concepts โ†’

Learn about permissions and operators

Express Example โ†’

Complete REST API example

API Reference โ†’

Full API documentation