Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
hogan-middleware
Advanced tools
Readme
Middleware component to use Hogan.js mustache templates as views in an Express server
var app = express();
app.configure(function () {
app.set('views', __dirname + '/views'); // tell express which directory your views are in
app.set('view engine', 'mustache'); // name your templates
app.engine('mustache', require('hogan-middleware').__express); // register the engine
});
Once registered, your routing in express can use a mustache file name as the view to be rendered:
app.get('/', req, res, next) {
res.render('home', { SiteName: 'My Website' });
}
In this case there is a file named home.mustache
in the views
directory that may have content as:
<!doctype html>
<html>
<head><title>Hello World</title></head>
<body>
<h1>{{SiteName}}</h1>
</body>
</html>
Optional functionality in the middleware can be set before passing it into express:
var hoganMiddleware = require('hogan-middleware');
hoganMiddleware({
filter: ['**.mustache'], // override the default file extension searched for
// default is just the mustache file extension
flatten: true, // make all partials available with just their file name
// rather than the slash delimited path. default is enabled
watch: true // set to false to remove the live updating watchers -
// can be useful for running in production where files
// will not be regularly changing.
});
app.engine('mustache', hoganMiddleware.__express);
Mustache allows the use of partial templates, this is supported by the middleware component by making all templates available as partial templates when rendering a template.
When home.mustache
is being used as the name of the template to be rendered, that can include a.mustache
from the
views directory by adding {{>a}}
. As a.mustache
is rendered as a partial, that also has all templates available
to it for use as partials, so could in turn have {{>b}}
to include a nested partial.
To allow for a tidy source tree, templates can be in any number of sub-directories under the main views directory, they are all made available for use as partials without any path identifier.
Note - multiple templates with the same name but in different directories will overwrite each other. Set the
flatten
configuration option to false to always use the relative path as the name of the partials
(ie: {{>app/header}}
instead of just {{>header}}
). Whether the flatten
option is enabled or not, the relative
path name will always be available.
Note - don't include the same template as a partial inside itself.
As express uses the the render engine for the first time, a series of watches are added to any sub-directory of the views directory so that any changes are automatically reloaded for you while the server is still running.
FAQs
Middleware component to use Hogan.js mustache templates as views in an Express server
The npm package hogan-middleware receives a total of 30 weekly downloads. As such, hogan-middleware popularity was classified as not popular.
We found that hogan-middleware demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.