Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

baucis

Package Overview
Dependencies
Maintainers
1
Versions
202
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

baucis

Baucis is Express middleware that creates configurable REST APIs using Mongoose schemata.

  • 0.5.3
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

baucis v0.5.3

Baucis is Express middleware that creates configurable REST APIs using Mongoose schemata.

Like Baucis and Philemon of old, this library provides REST to the weary traveler. The goal is to create a JSON REST API for Mongoose & Express that matches as closely as possible the richness and versatility of the HTTP 1.1 protocol.

Baucis uses semver.

David Rjckaert III - Philemon and Baucis Giving Hospitality to Jupiter and Mercury

David Rijckaert - Philemon and Baucis Giving Hospitality to Jupiter and Mercury

Usage

To install:

npm install baucis

An example of creating a REST API from a couple Mongoose schemata:

var Vegetable = new mongoose.Schema({
  name: String
});

var Fruit = new mongoose.Schema({
  name: String
});

// Note that Mongoose middleware will be executed as usual
Vegetable.pre('save', function () { ... });

// Register the schemata
mongoose.model('vegetable', Vegetable);
mongoose.model('fruit', Fruit);

// Create the API routes
baucis.rest({
  singular: 'vegetable',
});

baucis.rest({
  singular: 'fruit'
});

// Create the app and listen for API requests
var app = express();
app.use('/api/v1', baucis());
app.listen(80);

Later, make requests:

HTTP Verb/vegetables/vegetables/:id
GETGet all or a subset of documentsGet the addressed document
POSTCreates new documents and sends them back. You may post a single document or an array of documents.n/a
PUTn/aUpdate the addressed document
DELETEDelete all or a subset of documentsDelete the addressed object

HTTP Headers

Header FieldNotes
ETagSupported out-of-the-box by Express.
Last-ModifiedCan be set automatically by Baucis. Pass lastModified: 'foo' to baucis.rest in order to set the path to be used (currently it must be a Date). GET requests to the collection set this to the latest date out of all documents returned by the query.
AcceptSet to application/json for all responses.
AllowSet automatically, correctly removing HTTP verbs when those verbs have been disabled by e.g. passing put: false to baucis.rest.
LocationSet for PUT and POST responses.
LinkIf relations: true is passed to baucis.rest, this header will be set with various related links for all responses.

Examples

Query Options

NameDescription
conditionsSet the Mongoose query's find or remove arguments
skipDon't send the first n matched documents in the response
limitLimit the response document count to n
selectSet which fields should be selected for response documents
sortSort response documents by the given criteria. sort: 'foo -bar'' sorts the collection by foo in ascending order, then by bar in descending order.
populateSet which fields should be populated for response documents. See the Mongoose population documentation for more information.

It is not permitted to use the select query option or the select option of populate with a +path. This is to allow a mechanism for hiding fields from client software.

You can deselect paths in the schema definition using select: false or in the controller options using select: '-foo' and your server middleware will able to select these fields as usual using query.select, while preventing the client from selecting the field.

baucis.rest

baucis.rest returns an instance of the controller created to handle the schema's API routes.

var controller = baucis.rest({ ... });

Controllers are Express apps; they may be used as such.

var controller = baucis.rest({
  singular: 'robot'
});

// Add middleware before API routes
controller.use('/qux', function (request, response, next) {
  // Do something cool…
  next();
});

controller.get('/readme', function (request, response, next) {
  // Send a readme document about the resource (for example)
  next();
});


// Do other stuff...
controller.set('some option name', 'value');
controller.listen(3000);

Customize them with plain old Express/Connect middleware, including pre-existing modules like passport. Middleware can be registered like so:

controller.request(function (request, response, next) {
  if (request.isAuthenticated()) return next();
  return response.send(401);
});

Baucis adds middleware registration functions for three stages of the request cycle:

NameDescription
requestThis stage of middleware will be called after baucis applies defaults based on the request, but before the Mongoose query is generated
queryThis stage of middleware will be called after baucis applies defaults to the Mongoose query object, but before the documents or count are retrieved from the database. The query can be accessed in your custom middleware via request.baucis.query.
documentsThis stage of middleware will be called after baucis executes the query, but before the documents or count are sent in the response. The documents/count can be accessed in your custom middleware via request.baucis.documents.

Each of these functions has three forms:

The first form is the most specific. The first argument lets you specify whether the middleware applies to document instances (paths like /foos/:id) or to collection requests (paths like /foos). The second argument is a space-delimted list of HTTP verbs that the middleware should be applied to. The third argument is the middleware function to add or an array of middleware functions.

controller.request('instance', 'head get del', middleware);
controller.request('collection', 'post', middleware);

To add middleware that applies to both document instances and collections, the first argument is omitted:

controller.query('post put', function (request, response, next) {
  // do something with request.baucis.query
  next();
});

To apply middleware to all API routes, just pass the function or array:

controller.request(function (request, response, next) {
  if (request.isAuthenticated()) return next();
  return response.send(401);
});

controller.documents(function (request, response, next) {
  var ok = true;
  if (typeof request.baucis.documents === 'number') return next();
  [].concat(request.baucis.documents).forEach(function (doc) {
    if (!ok) return;
    if (doc.owner !== request.user.id) {
      ok = false;
      next(new Error('User does not own this.'));
    }
  });
  if (ok) next();
});

Controller Options

NameDescription
singularThe name of the schema, as registered with mongoose.model.
pluralThis will be set automatically using the lingo module, but may be overridden by passing it into baucis.rest.
basePathDefaults to /. Used for embedding a controller in another conroller.
publishSet to false to not publish the controller's endpoints when baucis() is called.
selectSelect or deselect fields for all queries e.g. 'foo +bar -password'
findByUse another field besides _id for entity queries.
lastModifiedSet the Last-Modified HTTP header useing the given field. Currently this field must be a Date.
head, get, post, put, delMay be set to false to disable those HTTP verbs completely for the controller

An example of embedding a controller within another controller

var subcontroller = baucis.rest({
  singular: 'bar',
  basePath: '/:fooId/bars',
  publish: false
});

subcontroller.query(function (request, response, next) {
  // Only retrieve bars that are children of the given foo
  request.baucis.query.where('parent', request.params.fooId);
  next();
});

// Didn't publish, so have to manually initialize
subcontroller.initialize();

var controller = baucis.rest({
  singular: 'foo'
});

// Embed the subcontroller at /foos/:fooId/bars
controller.use(subcontroller);

Contact

© 2012-2013 William P. Riley-Land

Keywords

FAQs

Package last updated on 21 Jun 2013

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc