Security News
JavaScript Leaders Demand Oracle Release the JavaScript Trademark
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
middy-kneel-before-zod
Advanced tools
An input and output validator middleware using Zod for Middy
This middleware automatically validates the inputs and output of events in AWS Lambda. It currently handles input in the request body, query string parameters, and path parameters, and output in the response body.
If an incoming event fails validation a BadRequest
error is raised. If an outgoing response fails validation a InternalServerError
error is raised. Optional user callbacks can be provided if you would prefer to raise a custom error instead. This middleware can be used in combination with httpErrorHandler to automatically return this response to the user.
When using http request body input, it is recommended that a body parser middleware (like http-json-body-parser) is used to parse the string input into the correct object type. Make sure you put it in the middy .use
chain before this middleware.
Similarly, if using a body output with an API Gateway event, you'll need to make sure that the output is stringified before being sent out. A middleware like http-response-serializer works nicely for this. It also needs to be included in the middy .use
chain before this middleware. (Because the after
actions are processed in the opposite order of the before
actions.)
The middleware is configured by passing in a configuration object. All of the properties on the configuration object are optional. The properties are:
Four schema types: (zod schemas created from z.object()
)
inputBodySchema
inputPathParametersSchema
inputQueryStringParametersSchema
outputBodySchema
And two callback handler functions:
inputErrorHandler(error: z.ZodError): void
outputErrorHandler(error: z.ZodError): void
import middy from '@middy/core';
import middyJsonBodyParser from '@middy/http-json-body-parser';
import httpResponseSerializer from '@middy/http-response-serializer';
import { middyZodValidator } from 'middy-zod-validator';
import { z } from 'zod';
const handler = middy((event, context) => {
return {};
});
const personSchema = z.object({
firstName: z.string(),
lastName: z.string(),
age: z.number(),
});
const responseSchema = z.object({
message: string,
});
handler
.use(middyJsonBodyParser())
.use(httpErrorHandler())
.use(
httpResponseSerializer({
serializers: [
{
regex: /^application\/json$/,
serializer: ({ body }) => JSON.stringify(body),
},
],
default: 'application/json',
}),
)
.use(
middyZodValidator({
inputBodySchema: person,
outputBodySchema: responseSchema,
}),
);
// The types to use in your event code would be something like:
// type Person = z.infer<typeof personSchema>;
// type Response = z.infer<typeof responseSchema>;
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
FAQs
An input and output validator middleware using Zod for Middy
The npm package middy-kneel-before-zod receives a total of 54 weekly downloads. As such, middy-kneel-before-zod popularity was classified as not popular.
We found that middy-kneel-before-zod demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an open letter, JavaScript community leaders urge Oracle to give up the JavaScript trademark, arguing that it has been effectively abandoned through nonuse.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.