A powerful, type-safe authorization library for Sequelize.js
π Documentation β’ NPM Package β’ Report Bug β’ Request Feature
SequelizeGuard is a comprehensive authorization library for Sequelize.js that provides a robust, performant, and easy-to-use role-based access control (RBAC) system. Built with TypeScript and modern tooling, it enables you to manage complex permission structures with a clean, fluent API.
Sequelize Guard v6 is a complete rewrite with major improvements:
- π― Full TypeScript Support - Complete rewrite in TypeScript with full type definitions
- οΏ½ Sequelize 6 Compatible - Updated to work with Sequelize v6.x
- οΏ½ ESM & CommonJS - Dual package support for modern and legacy projects
- ποΈ Modern Tooling - Built with Vite, tested with Vitest
- οΏ½ Better Type Safety - Enhanced IntelliSense and compile-time checking
- β‘ 99% Backward Compatible - Minimal breaking changes from v5.x
Upgrading from v5? Check out the Migration Guide for a smooth transition.
- π Fast & Efficient - Cache-based permission resolution for optimal performance
- π― Intuitive API - Fluent, semantic API that reads like natural language
- π Flexible RBAC - Assign multiple roles and permissions to users
- π Event-Driven - Listen for authorization events for logging and auditing
- πΎ Smart Caching - Configurable user permission caching
- π‘οΈ Safe Operations - Built-in safeguards for role and permission deletions
# npm
npm install sequelize-guard sequelize
# yarn
yarn add sequelize-guard sequelize
# pnpm
pnpm add sequelize-guard sequelizeRequirements:
- Node.js β₯ 20.19.0
- Sequelize β₯ 6.37.7
import { Sequelize } from 'sequelize';
import SequelizeGuard from 'sequelize-guard';
const sequelize = new Sequelize(/* config */);
const guard = new SequelizeGuard(sequelize);
// Assign roles and permissions
await user.assignRole('admin');
await guard.allow('admin', ['view', 'edit'], 'blog');
// Check permissions
const canEdit = await user.can('edit blog');
const isAdmin = await user.isA('admin');Note: Works with both TypeScript and JavaScript (ESM/CommonJS). See documentation for JavaScript examples.
For comprehensive guides, API reference, and examples, visit our documentation:
π https://sequelize-guard.js.org
- Getting Started - Installation and basic setup
- API Reference - Complete API documentation
- TypeScript Support - Using with TypeScript
- Examples - Real-world usage examples
- Blog - Articles and insights about the project
- Migration Guide to v6 - Complete guide for upgrading to v6
// Check specific permission
await user.can('edit blog');
// Check wildcard permissions
await user.can('* blog'); // All actions on blog
await user.can('view *'); // View all resources
await user.can('*'); // Superadmin - all actions on all resources// Check single role
await user.isA('admin');
await user.isAn('editor');
// Check multiple roles
await user.isAnyOf(['admin', 'moderator']); // Has any of these roles
await user.isAllOf(['user', 'verified']); // Has all of these roles// Fluent API
await guard
.init()
.allow('admin')
.to(['view', 'edit', 'delete'])
.on('blog')
.commit();
// One-liner
await guard.allow('admin', ['view', 'edit'], 'blog');For more details, visit the full documentation.
We love contributions! SequelizeGuard is open source and we welcome contributions of all kinds:
- π Bug fixes
- β¨ New features
- π Documentation improvements
- β Test coverage improvements
- π‘ Ideas and suggestions
# Clone the repository
git clone https://github.com/lotivo/sequelize-guard.git
cd sequelize-guard
# Install dependencies
yarn install
# Run tests
yarn test
# Build
yarn buildAPI documentation is automatically generated from TypeScript source code:
# Generate API docs manually
yarn docs:generateThe API documentation is automatically updated after each release via GitHub Actions. See scripts/README.md for details.
Found a bug or have a feature request? Open an issue with:
- Clear description
- Steps to reproduce (for bugs)
- Your environment (Node, Sequelize, sequelize-guard versions)
This project is licensed under the MIT License - see the LICENSE file for details.
- Spatie's Laravel-permission - Authorization library for Laravel
- Node-ACL - Access Control List for Node.js
- Node-ACL - A versatile library with support for most ORMs
- AccessControl - Role and attribute-based access control
- CASL - Isomorphic authorization library
Need help? Here's how to get support:
- π Documentation: https://sequelize-guard.js.org (fallback: https://sequelize-guard.vercel.app)
- π Bug Reports: GitHub Issues
- π¬ Questions: GitHub Discussions
Created by Pankaj Vaghela for Open Source Community.
If you find this project helpful, please consider giving it a βοΈ!