@besmarthead/sh-api-framework - npm Package Compare versions

Comparing version 1.0.9 to 1.0.10

package.json

		{
		"name": "@besmarthead/sh-api-framework",
		"version": "1.0.9",
		"version": "1.0.10",
		"description": "SmartHead framework library for serverless APIs (security, openapi/swagger validation, logging ,... )",
		@@ -46,3 +46,3 @@ "keywords": [
		},
		"gitHead": "013f96eb542bea40eb654568c4a3882a629f92b9"
		"gitHead": "ccff1ac88c8fb780d4cd8a25355c0374a3385408"
		}

README.md

		# What is SH API Framework

		Annotations and libraries (utils) to help solve common tasks with API:
		- validation (with swagger / openapi): annotation '@OpenApi'
		- security (JWT validation): annotation '@SecuredApi'
		- API status handler/logger (ERROR/OK): annotation '@StatusLogger'
		- AWS Logger: util class 'AWSLambdaLogger'


		### Validation with @OpenApi

		Validation of request / response with Swagger.
		- Required is to have valid swagger file on path ``/src/openapi-doc.yaml``.
		- If handler is annotated with @OpenApi than path of handler defined in ``serverles.yaml`` (to which is handler bind) must be also defined in swagger file.
		- Request and response is validated

		#### Options
		- swaggerDocPath: custom path to swagger file.
		- apiPrefix: when try to find path of handler in swagger file -> this prefix is add.
		example: when run in AWS and API is deployed to custom domain, all API has prefix which is not part of path of handler.
		- skipResponseValidator: should be validation of response skipped.

		### Security with @SecuredApi

		If handler is annotated with @SecuredAPI than API caller must be valid user (e.g. valid token in request):
		- HTTP header 'x-authorization' must contain valid JWT token
		- if configured, other validation must pass

		#### Options
		- header: if token is in different header, set name of header here
		- isSHAdmin: If set to REQUIRED, user must be SH admin.
		If set to ALLOW and user is SH admin than other validations are skipped.


		### API Response and Status handling with @StatusLogger

		AWS Lambda functions are monitored with Elastic (logstash, elasticsearch, kibana, ...).
		If handler is annotated by this method:
		- and handler returns some entity (JSON object), logged is status "OK"
		- and handler throw exceptions, logged is status "ERROR" and monitoring systems (like Kibana watcher) can raise alert.


		### Common errors:
		- 'createInternalException': Argument is string (witch is logged). Returned is response with status code 500 with message "Internal Server Error.
		Use when some unexpected error happen (cannot connect to DB, etc. ...) - When is not required to let caller of API know what is wrong.
		But logs contains what is wrong.


		### Common logging with AWSLambdaLogger

		Logger.


		## How to release

		Requirement: have user in NPM and be part of team: "developers" in orhanization "besmarthead" (https://www.npmjs.com/settings/besmarthead/teams/team/developers/users)
		Requirement: have user in NPM and be part of team: "developers" in organization "besmarthead" (https://www.npmjs.com/settings/besmarthead/teams/team/developers/users)
		- Check if user is logged into NPM (`npm whoami`). If user is not logged: `npm login`
		@@ -11,2 +62,2 @@ - `lerna publish --no-private`
		When publishing with lerna argument "--no-private", those packages are ignored" from publish.
		[Doc: lerna#--no-private](ttps://github.com/lerna/lerna/tree/master/commands/version#--no-private)
		[Doc: lerna#--no-private](https://github.com/lerna/lerna/tree/master/commands/version#--no-private)

@besmarthead/sh-api-framework - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics