express_jois
Advanced tools
npm install express-joi
npm install joi@17.4.0
const expressJoi = require('@escook/express-joi')
const express = require('express')
const app = express()
// 导入 Joi 来定义验证规则
const Joi = require('joi')
// 1. 导入 @escook/express-joi
const expressJoi = require('@escook/express-joi')
// 解析 x-www-form-urlencoded 格式的表单数据
app.use(express.urlencoded({ extended: false }))
// 2. 定义验证规则
// 注意:如果客户端提交的某些参数项未在 schema 中定义,
// 此时,这些多余的参数项默认会被忽略掉
const userSchema = {
// 2.1 校验 req.body 中的数据
body: {
username: Joi.string().alphanum().min(3).max(12).required(),
password: Joi.string()
.pattern(/^[\S]{6,15}$/)
.required(),
repassword: Joi.ref('password')
},
// 2.2 校验 req.query 中的数据
query: {
name: Joi.string().alphanum().min(3).required(),
age: Joi.number().integer().min(1).max(100).required()
},
// 2.3 校验 req.params 中的数据
params: {
id: Joi.number().integer().min(0).required()
}
}
// 3. 在路由中通过 expressJoi(userSchema) 的方式
// 调用中间件进行参数验证
app.post('/adduser/:id', expressJoi(userSchema), function (req, res) {
const body = req.body
res.send(body)
})
// 4.1 错误级别中间件
app.use(function (err, req, res, next) {
// 4.1 Joi 参数校验失败
if (err instanceof Joi.ValidationError) {
return res.send({
status: 1,
message: err.message
})
}
// 4.2 未知错误
res.send({
status: 1,
message: err.message
})
})
// 调用 app.listen 方法,指定端口号并启动web服务器
app.listen(3001, function () {
console.log('Express server running at http://127.0.0.1:3001')
})
更多的验证规则,请参考 Joi 的官方文档。
FAQs
基于 @hapi/joi,用于校验 body、query 和 params 的 express 中间件。
The npm package express_jois receives a total of 0 weekly downloads. As such, express_jois popularity was classified as not popular.
We found that express_jois demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.
Security News
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.
Security News
Research
The Socket Research Team uncovered a malicious Python package typosquatting the popular 'fabric' SSH library, silently exfiltrating AWS credentials from unsuspecting developers.
