Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
expressjs-plus
Advanced tools
A pluggable expansion to express js aimed at adding much needed features and helpers.
Kind: global class
This function abstracts the constraints of express middleware signature and allows you to easily pass variables between middlewares without ugly code. It introduces a neat pattern for passing these variables.
Param | Type | Description |
---|---|---|
app | Object | express app object |
passedParamHandlers | Array | array of functions in the format of @see lastHandler |
passedErrorHandlers | Array | array of middlewares |
Example
// Usage
var express = require('express');
var ExpressPlus = require('expressjs-plus').ExpressPlus;
var app = express();
// simple handler example
var userHandler = function(param, paramsArray, req, res){
if(param !== 'user') return false;
paramsArray.push("USER WAS FOUND!");
return true;
};
// this handler allows you to pass res.locals properties between your middlewares seemingly,
// it the parameter was found in locals, it attaches it to paramsArray.
var resLocalsHandler = function(param, paramsArray, req, res){
if(param in res.locals){
paramsArray.push(res.locals[param]);
return true;
}else return false;
};
var appPlus = new ExpressPlus(app, [userHandler, resLocalsHandler], []);
var regularFunction = function(user, id, cb){
return cb(null, { response: {user: user, id: id}, status: 200, resLocalsVar: "passVar" });
};
// resLocalsVar was passed in a previous method
var regularFunction2 = function(resLocalsVar, user, id, cb){
// now you can have access to it
console.log(resLocalsVar);
return cb(null);
};
// the responder at the end will use res.locals.status and res.locals.response to issue an HTTP response
app.use(appPlus.GMV(regularFunction), appPlus.GMV(regularFunction2), appPlus.responder);
// adds error handlers, it will add a default error handler along with the list of error handlers passed
// in this case, no error handlers were passed
appPlus.setErrorHandlers();
app.listen(3001, function(){
console.log('Listening!');
});
Example
//this is an example of a paramHandler function that is interested in the user parameter
function userHandler(param, paramsArray, req){
if(param === 'user'){
paramsArray.push(req.user);
return true;
}else{
return false;
}
}
Kind: instance class of ExpressPlus
Generic error handler
Param | Type | Description |
---|---|---|
status | Number | HTTP error code |
errCode | String | errorCode, the error handler should handle this |
Returns a middleware version of the function passed, this function replaces the last parameter with a callback function to work with express js.
Kind: instance property of ExpressPlus
Returns: function
Param | Type | Description |
---|---|---|
func | function | the function to be converted |
Example
function regularFunc(someVar, cb){
console.log(someVar);
return cb(null, {response: someVar+="addedString"});
}
// middleware version of regularFunc
var func = GMV(regularFunc);
// func will behave like this
function mw(req, res, next){
let someVar = req.query.someVar;
console.log(someVar);
res.locals.response = someVar+="addedString";
return next();
}
sets error handlers, make sure to use this last
Kind: instance method of ExpressPlus
Handles responses. Other middlewares need to use locals to pass data to this function
Kind: instance method of ExpressPlus
Param | Type | Description |
---|---|---|
req | Object | request object |
res | Object | response object |
res.status | function | function to set the status |
res.locals | Object | object that is used to pass data around |
res.locals.status | Number | Contains HTTP status code |
res.locals.response | Object | Contains the response body |
next | function |
Handles callbacks and puts response & status in the second callback argument if successful Replace your callback with this if appropriate.
Kind: instance method of ExpressPlus
Param | Type | Default | Description |
---|---|---|---|
cb | function | callback function | |
[status] | Number | 204 | optional argument to pass specific HTTP code if no errors were found if the status is 204, no response will be returns according to HTTP codes. |
Handles callbacks. Replace your callback with this if appropriate.
Kind: instance method of ExpressPlus
Param | Type | Description |
---|---|---|
cb | function | callback function |
[resource] | Object | optional argument to return instead of the actual result |
Enables sending array of middlewares to app.use
Kind: instance method of ExpressPlus
Param |
---|
middlewares |
boolean
Default parameter handler used in getMiddlewareVersion. Every parameter is passed to a set of functions to be handled, this is the last handler that just pushes the parameter to the paramsArray.
Kind: inner method of ExpressPlus
Returns: boolean
- if true is returned, the parameter will be considered handled and the function GMV will
move on to the next parameter. if false is returned, the next handler on the list will attempt to handle the
parameter until this methods turn comes, which will always return true
See: dataHandler this function is a more real example of a parameter handler, it is used to integrate
with another library https://www.npmjs.com/package/simple-express-validator
Param | Type | Description |
---|---|---|
param | String | string parameter |
paramsArray | Array | parameter arrays which will be sent to the underlying function of the middleware |
req | Object | express request object that is used in middlewares, useful for accessing req.params, req.query, etc |
res | Object | exppress response object that is used in middlewares, could be useful if you want to access res.locals |
npm test
© 2016 A Amri a.amri.91@gmail.com
FAQs
A pluggable expansion to express js aimed at adding much needed features and helpers.
The npm package expressjs-plus receives a total of 21 weekly downloads. As such, expressjs-plus popularity was classified as not popular.
We found that expressjs-plus demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.