Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
dat-middleware
Advanced tools
common request, response, body, query, and param validation, transformation, and flow control middleware
Common request, response, body, query, and param validation, transformation, and flow control middleware
npm install dat-middleware
requires the keys specified, and nexts a 400 error if one does not exist
mw.body(keys..).require()
mw.query(keys..).require()
mw.params(keys..).require()
var mw = require('dat-middleware');
var app = require('express')();
// requires that req.body.key1 and req.body.key2 are not undefined
app.use(mw.body('key1, key2').require());
// example error:
// 400 { message: body parameter "key1" is required }
requires the keys are strings (if they exist), and nexts a 400 error if one is not
mw.body(keys..).string()
mw.query(keys..).string()
mw.params(keys..).string()
requires the keys are numbers (if they exist), and nexts a 400 error if one is not
mw.body(keys..).number()
mw.query(keys..).number()
mw.params(keys..).number()
requires the keys are objects (if they exist), and nexts a 400 error if one is not
mw.body(keys..).object()
mw.query(keys..).object()
mw.params(keys..).object()
requires the keys are functions (if they exist), and nexts a 400 error if one is not
mw.body(keys..).function()
mw.query(keys..).function()
mw.params(keys..).function()
requires the keys are booleans (if they exist), and nexts a 400 error if one is not
mw.body(keys..).boolean()
mw.query(keys..).boolean()
mw.params(keys..).boolean()
requires the keys are arrays (if they exist), and nexts a 400 error if one is not
mw.body(keys..).array()
mw.query(keys..).array()
mw.params(keys..).array()
var mw = require('dat-middleware');
var app = require('express')();
// requires that req.body.key1 and req.body.key2 arrays *if they exist*
app.use(mw.body('key1, key2').array());
// example error:
// 400 { message: body parameter "key1" must be an array }
mw.body(keys..).instanceOf(Class)
mw.query(keys..).instanceOf(Class)
mw.params(keys..).instanceOf(Class)
requires the keys are an instance of the specified class (if they exist), and nexts a 400 error if one is not
var mw = require('dat-middleware');
var app = require('express')();
// requires that req.body.key1 and req.body.key2 arrays *if they exist*
app.use(mw.body('key1, key2').instanceOf(Class));
// example error:
// 400 { message: body parameter "key1" must be an instance of Class }
requires the keys pass the validation (if they exist), and nexts a 400 error if one is not dat-middleware uses spumko/boom for http errors (exported as mw.Boom)
var mw = require('dat-middleware');
var app = require('express')();
function is24Chars (val) {
return (val.length !== 24) ?
mw.Boom.badRequest('is not 24 characters'):
null; // pass
}
// requires that req.body.key1 and req.body.key2 arrays *if they exist*
app.use(mw.body('key1, key2').validate(is24Chars));
// example error:
// 400 { message: body parameter "key1" is not 24 characters }
transforms the values of the keys specified using the transformation function
var mw = require('dat-middleware');
var app = require('express')();
function toInt (v) {
return parseInt(v);
}
// transforms the req.body.key1 and req.body.key2 to integers
app.use(mw.body('key1, key2').transform(toInt));
picks the keys specified and ignores the rest. a way of filtering data values by key.
var mw = require('dat-middleware');
var app = require('express')();
// a body of { key1: true, key2: true, key3:true } becomes { key1: true }
app.use(mw.body('key1').pick());
for more flow control checkout middleware-flow
if the values of the key's specified are all truthy it will run the 'then middlewares' else if will run the 'else middlewares'
var mw = require('dat-middleware');
var app = require('express')();
// body of {key1:<truthy>} runs mw1 and mw2
// body of {key1:<falsy>} runs mw3
app.use(mw.body().if('key1')
.then(mw1, mw2)
.else(mw3));
var mw = require('dat-middleware');
var app = require('express')();
// body of {key1:<truthy>} runs mw1 and mw2
// body of {key2:<truthy>} runs mw1 and mw2
// body of {key1:<truthy>, key2:<truthy>} runs mw1 and mw2
// body of {key1:<falsy>} runs mw3
// body of {key1:<falsy>, key2:<falsy>} runs mw3
app.use(mw.body().if({ or: ['key1', 'key2'] })
.then(mw1, mw2)
.else(mw3));
if the values of the key's specified all exist it will run the 'then middlewares' else if will run the 'else middlewares'
var mw = require('dat-middleware');
var app = require('express')();
// body of {key1:true} runs mw1 and mw2
// body of {key1:null} runs mw3
app.use(mw.body().ifExists('key1')
.then(mw1, mw2)
.else(mw3));
var mw = require('dat-middleware');
var app = require('express')();
// body of {key1:'val'} runs mw1 and mw2
// body of {key2:true} runs mw1 and mw2
// body of {key1:'val', key2:'val'} runs mw1 and mw2
// body of {key1:undefined} runs mw3
// body of {key1:null, key2:null} runs mw3
app.use(mw.body().ifExists({ or: ['key1', 'key2'] })
.then(mw1, mw2)
.else(mw3));
note: conditionals do not chain with validations and transformations
var mw = require('dat-middleware');
var app = require('express')();
function hasLengthOf3 (val) {
return (val.length !== 3) ?
mw.Boom.badRequest('is not 3 characters'):
null; // pass
}
function toInt (v) {
return parseInt(v);
}
// requires that req.body.key1 and req.body.key2 exist and are 24 characters
app.use(mw.body('key1, key2').require().validate(hasLengthOf3).transform(toInt));
FAQs
common request, response, body, query, and param validation, transformation, and flow control middleware
We found that dat-middleware demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.