express-contract
Advanced tools
A middleware for express that to validate inputs of your REST API with Joi, or any validators.
express-contract is a small project that add contract validation to your API.
yarn add express-contract
npm install --save express-contract
const Joi = require("joi"); // Or any schema validator (must have a .validate() method)
const contract = require("express-contract").contract;
const schema = Joi.object().keys({
username: Joi.string().alphanum().min(3).max(30).required(),
});
app.post("/api/user", contract(schema), function (req, res) {
if (!req.compliance) {
// Look at req.violation for validation errors
res.status(400).json({
error: "Bad request",
});
return;
}
res.status(200).json(req.body);
});
Variables:
req.compliance to know if the contract is respectedreq.body to access the object return by validatorreq.originalBody to access original object return by validatorreq.query to access the object return by validator (GET only)req.originalQuery to access original object return by validator (GET only)req.violation for validation errorYou can also precise the property to validate (usually body or query, but can be whatever you want), by default it's body, expect for GET requests.
// like /api/user?username=tot even if it's a POST method
app.post("/api/user", contract(schema, "query"), function (req, res) {
if (!req.compliance) {
// Look at req.violation for validation errors
res.status(400).json({
error: "Bad request",
});
return;
}
res.status(200).json(req.query);
});
Or using multiple contract, but while not validate others contracts the previous failed.
app.post(
"/api/user",
contract(schema_query, "query"),
contract(schema_body, "body"),
function (req, res) {
if (!req.compliance) {
// Look at req.violation for validation errors
res.status(400).json({
error: "Bad request",
});
return;
}
res.status(200).json({
query: req.query,
body: req.body,
});
}
);
Actually, it was test with Joi, and need body-parser.
But should work with other validators if the .validate() method has the following signature:
Schema.validate(schema, callback(err, value));
value returned by the validator's callback is used to get defaults values that are set in the schema.
FAQs
A middleware for express that to validate inputs of your REST API with Joi, or any validators.
We found that express-contract demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.