Socket
Book a DemoInstallSign in
Socket

@basketry/express

Package Overview
Dependencies
Maintainers
1
Versions
35
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@basketry/express

Basketry generator for generating Express JS routers

0.4.2
latest
Source
npmnpm
Version published
Weekly downloads
855
-4.04%
Maintainers
1
Weekly downloads
 
Created
Source

main master

Typescript

Basketry generator for generating ExpressJS routers. This parser can be coupled with any Basketry parser.

Quick Start

The following example generates ExpressJS routers from a "Swagger" doc:

  • Save https://petstore.swagger.io/v2/swagger.json as petstore.json in the root of your project.
  • Install packages: npm install -g basketry @basketry/swagger-2 @basketry/express @basketry/typescript @basketry/typescript-validators
  • Generate code: basketry --source petstore.json --parser @basketry/swagger-2 --generators @basketry/express @basketry/typescript @basketry/typescript-validators --output src

When the last step is run, basketry will parse the source file (petstore.json) using the specified parser (@basketry/swagger-2) and then run each specified generator (@basketry/express, @basketry/typescript, and @basketry/typescript-validators) writing the output folder (src).

The routers can then be added to an Express server:

import * as express from 'express';

import {
  ApiKeyStrategy,
  authentication,
  OAuth2Strategy,
  petRoutes,
  storeRoutes,
  userRoutes,
} from './v1/express-routers'; // Generated by @basketry/express
import { PetService, StoreService, UserService } from './v1/types'; // Generated by @basketry/typescript
import { DbPetService, DbStoreService, DbUserService } from './services'; // Your hand-written implementations of the generated service interfaces

const app = express();

const apiKeyStrategy: ApiKeyStrategy = (key) => {
  return Promise.resolve({
    isAuthenticated: key === 'abcdef', // TODO: verify API key
    scopes: new Set(),
  });
};

const oauth2Strategy: OAuth2Strategy = (accessToken) => {
  return Promise.resolve({
    isAuthenticated: accessToken === 'abcdef', // TODO: verify access token
    scopes: new Set(), // TODO: parse scopes from token
  });
};

app.use('/v1', [
  authentication({
    api_key: apiKeyStrategy,
    petstore_auth: oauth2Strategy,
  }),
  petRoutes(new DbPetService()),
  storeRoutes(new DbStoreService()),
  userRoutes(new DbUserService()),
]);

// TODO: add global error handlers, etc

app.listen(8000, () => {
  console.log('listening on', 8000);
});

Consider adding the following Basketry config:

{
  "parser": "@basketry/swagger-2",
  "generators": [
    "@basketry/typescript",
    "@basketry/typescript-auth",
    "@basketry/typescript-validators",
    "@basketry/express"
  ],
  "source": "petstore.oas2.json",
  "output": "src"
}

Service Scopes

The services passed to each route builder can have one of two different scopes.

Singleton Scoped

When an instance of a service class is directly passed to a route builder, that same instance will be used for all requests. This means that any instance values within the class will be available across all calls to the service until the Express server is restarted.

app.use('/v1', [
  petRoutes(new DbPetService()),
  storeRoutes(new DbStoreService()),
  userRoutes(new DbUserService()),
]);

Request Scoped

When a function that returns an instance of a service class is passed to a router builder, the function will be run once for each request. This allows a new instance of a function to be created for each request. After the request is returns, the instance of the class will fall out of scope and may then be garbage collected by the Node process.

app.use('/v1', [
  petRoutes(() => new DbPetService()),
  storeRoutes(() => new DbStoreService()),
  userRoutes(() => new DbUserService()),
]);

If needed, the Express Request object is passed as a parameter to the service initializer function. This allows for services to be constructed based on data from the request.

app.use('/v1', [
  petRoutes(() => new DbPetService()),
  storeRoutes(() => new DbStoreService()),
  userRoutes((req) => new DbUserService(req.user)),
]);

Authentication and Authorization

Each route hander performs an authorization check prior to calling the service. If the current caller is not authenicated or is not authorized, the service method will not be called and the appropriate HTTP reponse will be returned instead.

The auth context used to perform these checks (in the form of an AuthService instance) may be accessed from the request object:

app.use('/v1', [
  // This middleware creates the auth context
  authentication({
    // The following are defined using OpenAPI's security and securityDefinition specs
    api_key: apiKeyStrategy,
    petstore_auth: oauth2Strategy,
  }),
  petRoutes(new DbPetService()),
  storeRoutes(new DbStoreService()),
  userRoutes((req) => {
    // Auth context may be accessed via the req object
    const authService = req.basketry?.context;
    return new DbUserService(authService);
  }),
]);

For contributors:

Run this project

  • Install packages: npm ci
  • Build the code: npm run build
  • Run it! npm start

Note that the lint script is run prior to build. Auto-fixable linting or formatting errors may be fixed by running npm run fix.

Create and run tests

  • Add tests by creating files with the .test.ts suffix
  • Run the tests: npm t
  • Test coverage can be viewed at /coverage/lcov-report/index.html

Publish a new package version

  • Ensure latest code is published on the main branch.
  • Create the new version number with npm version {major|minor|patch}
  • Push the branch and the version tag: git push origin main --follow-tags

The publish workflow will build and pack the new version then push the package to NPM. Note that publishing requires write access to the main branch.

Generated with generator-ts-console

FAQs

Package last updated on 23 Aug 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc

U.S. Patent No. 12,346,443 & 12,314,394. Other pending.