@ssense/restify-request-validator
Advanced tools
Simple restify middleware which adds validation for all incoming requests.
To install the validator for use in your project, go to your project's main directory, then run the following command:
npm install --production --save @ssense/restify-request-validator
To add the middleware to your current restify project, follow the snippet below:
// Require module
var restifyValidation = require('@ssense/restify-request-validator');
...
// Create restify server
var server = restify.createServer();
...
// Add middleware
var validator = new restifyValidation.RequestValidator();
server.use(validator.validate.bind(validator));
By default, on each validation error, the RequestValidator will throw an Error object with a 500 HTTP code.
You can throw a specific restify error and http code, by passing it to the constructor:
var validator = new restifyValidation.RequestValidator(restify.BadRequestError);
With this configuration, on each validation error, the RequestValidator will throw a BadRequestError with a 400 HTTP code.
// Import module
import {RequestValidator} from '@ssense/restify-request-validator';
...
// Create restify server
const server = restify.createServer();
...
// Add middleware
const validator = new RequestValidator();
server.use(validator.validate.bind(validator));
Like for javascript initialization, you can pass a restify error handler in the constructor:
const validator = new RequestValidator(restify.BadRequestError);
Just add a validation param to the route to validate:
function respond(req, res, next) {
res.send('hello ' + req.params.name);
next();
}
// Without validation
server.get('/hello/:name', respond);
// With validation
server.get({
url: '/hello/:name',
validation: {
url: {
name: {type: 'string', required: true, min: 3},
},
},
}, respond);
With this validation, the name param must be a string with minimum length of 3.
The validation object accepts 3 optional properties:
To validate inputs, just add properties to url, query, and/or body params with the following syntax :
validation: {
<url/query/body>: {
<property_name>: {
type: 'valid type', // required field, supported types are 'string', 'number', 'boolean', 'numeric', 'date', array', 'object'
required: true|false, // optional, default false, determines is the parameter is required,
min: 1, // optional, default 1, if 'type' property is 'string' or 'array', determines the minimum length, if 'type' parameter is 'number', determines the minimum value
max: 5, // optional, default null, if 'type' property is 'string' or 'array', determines the maximum length, if 'type' parameter is 'number', determines the maximum value
length: 3, // optional, default null, only works if 'type' property is 'string' or 'array', determines the required length,
arrayType: 'valid type', // optional, default null, only works if 'type' property is 'array', check if the array content has valid types, supported types: 'string', 'number', 'boolean', 'numeric'
values: ['value1', 'value2'], // optional, default null, validates that parameter value belongs to the provided list, if 'type' is 'array', validates every array element
regex: /^Valid regex$/, // optional, default null, validates parameter value against provided regex
terminal: true|false|['type', 'required', 'and so on...'] // optional, default false, when defined as 'true' or array of constraints, returns only error messages associated with this property_name and defined rules
format: function(data): data // Function to transform input after validation, see below for more detail
}
}
}
If you need to constrain the payload of the url, query, or body to the properties being validated, a parameter disallowExtraFields can be defined with the following syntax:
validation: {
<url/query/body>: {
<property_name>: {
// regular property validation as shown in the example above
},
disallowExtraFields: true|false // optional, default false, determines if the payload sent on the <url/query/body> should allow fields which are not present on the validation object
}
}
By default, every numeric, date and boolean inputs will be automatically transformed respectively to valid number, Date and boolean objects after validation. So you can directly use valid objects in your code.
If you need to add an extra formatting for one or several fields, just add the format parameter into your validation object. This parameter is a function with the following profile:
format<T>(value: T): T;
Let's take an example:
For a given route, let's say we want to transform one parameter called language to lower case, it could be performed as this:
server.get({
url: '/posts/:language',
validation: {
url: {
language: {type: 'string', required: true, format: function(value) { return value.toLowerCase(); }}, // For Javascript
language: {type: 'string', required: true, format: (value: string) => value.toLowerCase()}, // For Typescript
},
},
}, respond);
With this parameter, if the validation succeeds, the respond method will always have a lower case language parameter, whatever the original input is.
You can pass custom error messages via the validationMessages param of the route:
function respond(req, res, next) {
res.send('hello ' + req.params.name);
next();
}
server.get({
url: '/hello/:name',
validation: {
url: {
name: {type: 'string', required: true, min: 3},
},
},
validationMessages: {
name: {
type: 'The name must be a string',
required: 'The name is required',
min: 'The name must have a minimum length of 3 characters'
}
},
}, respond);
By default the validator will throw an error on the first validation failure, if you want to change this behavior to get all the validation errors, you can call the disableFailOnFirstError method on your validator object:
// Require module
var restifyValidation = require('@ssense/restify-request-validator');
...
// Create restify server
var server = restify.createServer();
...
// Add middleware
var validator = new restifyValidation.RequestValidator();
validator.disableFailOnFirstError();
server.use(validator.validate.bind(validator));
// Import module
import {RequestValidator} from '@ssense/restify-request-validator';
...
// Create restify server
const server = restify.createServer();
...
// Add middleware
const validator = new RequestValidator();
validator.disableFailOnFirstError();
server.use(validator.validate.bind(validator));
It is still possible to determine which errors should be returned individually when disableFailOnFirstError is activated. In order to do so, one should define the parameter terminal on each property being validated.
To install the validator and get a proper development environment, clone/fork the current repository, then run the following command:
npm install
npm run lintnpm tnpm run cover, the result will be available in the folder <your_project_dir>/tests/coverage/index.htmlBefore each commit to this project, don't forget to build javascript files by running the following command:
npm run compile
disableFailOnFirstError behavior - rundefdisallowExtraFields constraint - DarlintonPrauchnerThis project is licensed under the MIT License - see the LICENSE.md file for details.
FAQs
Restify requests validator
We found that @ssense/restify-request-validator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Newly introduced telemetry in devenv 1.4 sparked a backlash over privacy concerns, leading to the removal of its AI-powered feature after strong community pushback.
Security News
TC39 met in Seattle and advanced 9 JavaScript proposals, including three to Stage 4, introducing new features and enhancements for a future ECMAScript release.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.