Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
eggjs-validate
Advanced tools
eggjs-validate
A validate middleware for egg.js
Install
$ npm i eggjs-validate --save
Usage
1.Create a middleware file app/middleware/validator.js
'use strict';
module.exports = require('eggjs-validate');
2.Open a middleware in config/config.default.js
config.middleware = [
'validator'
];
3.Add rules to app/rules/
// app/rules/user.js
"use strict";
module.exports = {
getUserInfo: {
id: {
required: true,
message: 'id不能为空'
}
}
}
// app/rules/news.js
"use strict";
module.exports = {
addNews: {
link: [
{
required: true,
message: 'link不能为空'
},
{
type: 'string',
message: 'link 必须为是链接',
validator: (rule, value) => {
return rules.isURL(value);
},
},
]
}
}
4.Use in app/controller/user.js
const { body } = this.ctx.request
try {
...
await this.ctx.validator('user.getUserInfo', body)
...
}catch (e) {
this.ctx.body = {
message: e.message
}
}
Api
type
- string: Must be of type string. This is the default type.
- number: Must be of type number.
- boolean: Must be of type boolean.
- method: Must be of type function.
- regexp: Must be an instance of RegExp or a string that does not generate an exception when creating a new RegExp.
- integer: Must be of type number and an integer.
- float: Must be of type number and a floating point number.
- array: Must be an array as determined by Array.isArray.
- object: Must be of type object and not Array.isArray.
- enum: Value must exist in the enum.
- date: Value must be valid as determined by Date
- url: Must be of type url.
- hex: Must be of type hex.
- email: Must be of type email.
- any: Can be any type.
message
error message.
asyncValidator
Asynchronous check.
{
type: 'string',
message: 'link 必须为是链接',
asyncValidator: async(rule, value) => {
const res = await request.get(...)
...
return true
},
},
validator
Synchronous check.
Rules
Please refer to https://www.npmjs.com/package/validator
License
Everything is MIT.
FAQs
A validate plugin for egg.js
We found that eggjs-validate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 07 Sep 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026