Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
middleware-flow
Advanced tools
Middleware control flow library
npm install middleware-flow
var series = require('middleware-flow').series;
var app = require('express')();
app.use(series(mw1, mw2, mw2)); // equivalent to app.use(mw1, mw2, mw3);
var parallel = require('middleware-flow').parallel;
var app = require('express')();
// runs the middlewares in 'parallel'
app.use(parallel(mw1, mw2, mw2)); // if err, returns the first error that occurred
var each = require('middleware-flow').each;
var arr = [1,2,3];
var app = require('express')();
// runs the middlewares in 'parallel'
app.use(
each(arr,
// runs the middlewares in parallel
function (eachReq, res, next) {
// eachReq is a scoped req for the each function that reads from req,
// but writes to it's own scope (prototypically inherits from request)
},
function (item, req, eachReq, res, next) {
// if middleware accepts five arguments, the current item and the original req are passed
// eachReq is a scoped req for the each function that reads from req,
// but writes to it's own scope (prototypically inherits from request)
})
); // if err, returns the first error that occurred
var or = require('middleware-flow').or;
var app = require('express')();
// runs the middlewares in series, until one passes (no next(err));
app.use(or(user.isOwner, user.isModerator)); // if err, returns the first error that occurred
Same as series.
var if = require('middleware-flow').if;
var app = require('express')();
app.use(
if(true)
.then(one, two, three)
.else(error)
);
var syncIf = require('middleware-flow').syncIf;
var app = require('express')();
app.use(
syncIf(nameQueryExists) // accepts a sync function that returns a boolean
.then(one, two, three) // true -> then, error -> skips all next(err)
.else(error)
);
function nameQueryExists (req, res) {
return exists(req.query.name);
}
function exists (val) {
return val !== null && val !== undefined;
}
var asyncIf = require('middleware-flow').asyncIf;
var or = require('middleware-flow').or;
var fs = require('fs');
var app = require('express')();
app.use(
asyncIf(bodyFileExists) // expects boolean as the result argument
.then(one, two, three) // true -> then, false -> else, error -> skips all next(err)
.else(other)
);
function logExists (req, res, cb) {
fs.exists(req.body.file, function (exists) {
cb(null, exists);
});
}
var mwIf = require('middleware-flow').mwIf;
var app = require('express')();
app.use(
mwIf(userIsModerator) // error here, just runs the else middlewares
.then(one, two, three) // no error -> then, error -> else
.else(other) // if other is an error middleware it will recieve
// the error else the error will be ignored
);
function userIsModerator (req, res, next) {
if (!req.user.isModerator) {
next(new Error('access denied'));
}
else {
next();
}
}
var flow = require('middleware-flow');
var app = require('express')();
app.use(
flow.try(saveUser) // error here, just runs the catch middlewares
.catch(rollback) // no error -> other, error -> rollback
// if rollback is an error middleware it will recieve
// the error else the error will be ignored
);
function saveUser (req, res, next) {
db.save(req.user, next);
}
app.use(
flow.bg(mw1, mw2, mw2)
); // runs the middlewares in series in the background
FAQs
Middleware control flow library: series, parallel, or, and
The npm package middleware-flow receives a total of 401 weekly downloads. As such, middleware-flow popularity was classified as not popular.
We found that middleware-flow demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.