
express-yup
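`express-yup` is a super light-weight Express [middleware](https://expressjs.com/en/guide/using-middleware.html#using-middleware) to easily validate the Express [Request object](https://expressjs.com/en/4x/api.html#req) against a Yup schema.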
Yup is a leaner alternative to Joi that also supports client-side validation, which is why this middleware was created in the first place: to easily share schemas between the client and the server.
If Joi is more your thing, use the excellent express-validation library instead.
`express-yup` has two peer dependencies that you need to ensure are installed first: `express` and `yup`.
Install from NPM:

```sh
npm install express yup
# or
yarn add express yup
```

If you are using TypeScript, you might want to install their type definition files as well:

```sh
npm install -D @types/express @types/yup
# or
yarn add -D @types/express @types/yup
```

and then install `express-yup` (it comes with its TypeScript types):

```sh
npm install express-yup
# or
yarn add express-yup
```
Add as middleware to your Express app as a whole if you want to validate all routes against a specific schema, or add individually to each route (more likely):
```typescript
import express, { NextFunction, Request, Response } from 'express'
import bodyParser from 'body-parser'
import * as yup from 'yup'
import { validate } from 'express-yup'

const app = express()

// Add whatever other middleware you need for your Express app
app.use(bodyParser.json())

// Example global `express-yup` validate middleware
const authHeaderSchema = yup.object().shape({
  headers: yup.object().shape({
    // Checks only the shape of the header; it does not verify the token itself
    authorization: yup
      .string()
      .matches(/^Bearer\s\w+$/)
      .required(),
  }),
})
app.use(validate(authHeaderSchema))

// Example route-level middleware
const routeSchema = yup.object().shape({
  // notice that we are setting our schema to validate the `body` object here
  body: yup.object().shape({
    hello: yup.string().required(),
    bye: yup.string().required(),
  }),
})

app.post(
  '/some-route',
  validate(routeSchema),
  (req: Request, res: Response) => {
    // `hello` and `bye` guaranteed to be string properties on `req.body`
    const { hello, bye } = req.body
    // Do what you need from here
  }
)

// Global error middleware
// Express recognises error middleware by its four parameters, so `next` stays in the signature
app.use((error: Error, req: Request, res: Response, next: NextFunction) => {
  if (error instanceof yup.ValidationError) {
    res.status(400).json({ message: error.message }) // status code is 400 by default
    return
  }
  res.status(500).json({ message: 'Internal Server Error' })
})
```
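The `authorization` pattern in the schema above accepts only tokens made of word characters, so it is worth checking against the token formats your API actually issues. The following is an added example, not code from the express-yup README or its author: it compares the README pattern with the RFC 6750 `b64token` grammar on constructed header values, and all function and constant names are hypothetical.

```typescript
// Added example: header values below are constructed, not real credentials.

// Pattern used in the README's authHeaderSchema.
const README_PATTERN = /^Bearer\s\w+$/

// RFC 6750 section 2.1: credentials = "Bearer" 1*SP b64token
// b64token = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
const RFC6750_PATTERN = /^Bearer +[A-Za-z0-9._~+\/-]+=*$/

type Verdict = { header: string; readme: boolean; rfc6750: boolean }

// Evaluate every header against both patterns.
function compareBearerPatterns(headers: string[]): Verdict[] {
  return headers.map((header) => ({
    header,
    readme: README_PATTERN.test(header),
    rfc6750: RFC6750_PATTERN.test(header),
  }))
}

// Return only the headers on which the two patterns disagree.
function disagreements(headers: string[]): string[] {
  return compareBearerPatterns(headers)
    .filter((v) => v.readme !== v.rfc6750)
    .map((v) => v.header)
}

// Constructed samples covering the token shapes an API commonly issues.
const SAMPLE_HEADERS: string[] = [
  'Bearer abc123_DEF',       // opaque token, word characters only
  'Bearer aaa.bbb.ccc',      // JWT-shaped: three dot-separated segments
  'Bearer dGVzdC10b2tlbg==', // base64 with padding
  'Bearer\tabc123',          // tab instead of a space (accepted by `\s`)
  'Bearer abc 123',          // embedded space
  'Basic dXNlcjpwYXNz',      // different scheme
]

for (const v of compareBearerPatterns(SAMPLE_HEADERS)) {
  console.log(JSON.stringify(v.header), 'readme:', v.readme, 'rfc6750:', v.rfc6750)
}
```

If your tokens are JWTs or padded base64, a pattern like `RFC6750_PATTERN` can be passed to `.matches()` in place of the README one; either way the schema checks format only.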
MIT
FAQs
The npm package express-yup receives a total of 3 weekly downloads. As such, express-yup's popularity was classified as not popular.
We found that express-yup demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.