fastify-xauth-local
Local JWT authentication plugin for Fastify with role-based access control.
JWT authentication with role-based access control (RBAC). Compatible with Express JWT patterns.
Installation
npm install @xenterprises/fastify-xauth-local
Quick Start
await fastify.register(xAuthLocal, {
  jwtSecret: process.env.JWT_SECRET,
  jwtExpiry: '7d',
  roles: ['user', 'admin', 'superadmin'],
})
Usage
// Protected route
fastify.get('/profile', {
  preHandler: fastify.authenticate
}, async (request) => {
  return request.user
})

// Role-protected route
fastify.delete('/admin/users/:id', {
  preHandler: fastify.authorize(['admin', 'superadmin'])
}, async (request) => {
  // only admins reach here
})
Token Generation
const token = fastify.xauthLocal.generateToken({
  userId: user.id,
  email: user.email,
  roles: user.roles,
})
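What "validates JWT" and "role membership" have to cover on the server side, as an added example that is not the plugin's source code. The function names `signHS256`, `verifyHS256` and `hasAnyRole`, the choice of HS256, and the sample secret and claims are assumptions made for illustration.

```javascript
// Added example, not the plugin's source; all function names are hypothetical.
const crypto = require('node:crypto')

const b64url = (data) => Buffer.from(data).toString('base64url')

// Sign a payload with HS256 (stand-in for a token generator, for the demo only).
function signHS256(payload, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`
  const sig = crypto.createHmac('sha256', secret).update(input).digest()
  return `${input}.${b64url(sig)}`
}

// The checks an "authenticate" step needs: structure, pinned alg, signature, expiry.
function verifyHS256(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.')
  if (parts.length !== 3) return { ok: false, reason: 'malformed' }
  let header, payload
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString())
    payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString())
  } catch {
    return { ok: false, reason: 'malformed' }
  }
  // Pin the algorithm: the token's own header must never select the verifier.
  if (header?.alg !== 'HS256') return { ok: false, reason: 'bad-alg' }
  const expected = crypto.createHmac('sha256', secret).update(`${parts[0]}.${parts[1]}`).digest()
  const given = Buffer.from(parts[2], 'base64url')
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad-signature' }
  }
  if (typeof payload?.exp !== 'number' || payload.exp <= now) return { ok: false, reason: 'expired' }
  return { ok: true, user: payload }
}

// Role check for an "authorize(roles)" step: any overlap with the allowed list passes.
function hasAnyRole(user, allowed) {
  return Array.isArray(user?.roles) && user.roles.some((r) => allowed.includes(r))
}

// Constructed demo values (not real credentials).
const demoSecret = 'constructed-demo-secret-0123456789abcdef'
const demoToken = signHS256({ userId: 'u1', roles: ['user'], exp: 1700000060 }, demoSecret)
console.log(verifyHS256(demoToken, demoSecret, 1700000000))
```

The role check runs only on claims from a token whose signature has already been verified; roles read from an unverified payload carry no authority.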
AI Context
package: "@xenterprises/fastify-xauth-local"
type: fastify-plugin
decorates: [fastify.authenticate, fastify.authorize, fastify.xauthLocal, request.user]
use-when: Self-hosted JWT auth without external auth provider
preHandlers:
  authenticate: validates JWT, sets request.user
  authorize(roles): validates JWT + role membership
token: fastify.xauthLocal.generateToken({ userId, email, roles })
env-required: [JWT_SECRET]
