parch is a simple RESTful framework combining the power of restify for routing and sequelize ORM for dao access. Stop rewriting your server code and get parched.
If you'd like to contribute, take a look at the roadmap
npm install --save parch
For a full list of available options see below
const parch = require("parch");
// define your app
const parch = new parch.Application({
server: {
name: "my-app",
certificate: "/path/to/my.crt",
key: "/path/to/my.key",
log: Bunyan.createLogger(),
middlewares: [
restify.bodyParser(),
restify.queryParser(),
myCustomMiddleware()
]
},
authentication: {
secretKey: "ssshhh",
unauthenticated: [/\/posts[\s\S]*/, "/users/resetPassword"]
},
controllers: {
dir: path.resolve(__dirname, "controllers")
},
database: {
connection: {
username: "postgres",
password: "postgres",
database: "postgres",
host: "localhost",
dialect: "postgres",
logging: false
},
models: {
dir: path.resolve(__dirname, "models")
},
logging: {
dir: path.resolve(__dirname, 'logs'),
serializers: {
req(req) {
return {
url: req.url
}
},
res(res) {
return {
statusCode: res.statusCode
}
}
}
}
}
});
// wire up your routes
parch.map(function () {
this.resource("user");
this.route("user/resetPassword", {
using: "users:resetPassword", // controller:method
method: "post" // request method
});
});
parch.start(3000).then(() => {
console.log("App listening.")
});
The above will create the following route mapping
POST /users => UserController.create
GET /users => UserController.index
GET /users/:id => UserController.show
PUT /users/:id => UserController.update
DELETE /users/:id => UserController.destroy
POST /users/resetPassword => UserController.resetPassword
const parch = require("parch");
class UserController extends parch.Controller {
constructor(options) {
super(options);
}
index(req, res, next) {
this.findAll(req.query).then(records => {
/**
* {
* users: [{
* ...
* }]
* }
*/
res.send(this.statusCodes.SUCCESS, records);
}).catch(next);
}
show(req, res, next) {
this.findOne(req.params.id).then(record => {
/**
* {
* user: {
* ...
* }
* }
*/
res.send(this.statusCodes.SUCCESS, record);
}).catch(next);
}
create(req, res, next) {
this.createRecord(req.body.user).then(record => {
/**
* {
* user: {
* ...
* }
* }
*/
res.send(this.statusCodes.CREATED, record);
}).catch(next);
}
update(req, res, next) {
this.updateRecord(req.params.id, req.body).then(updatedRecord => {
/**
* {
* user: {
* ...
* }
* }
*/
res.send(this.statusCodes.SUCCESS, record);
}).catch(next);
}
destroy(req, res, next) {
this.destroyRecord(req.params.id).then(() => {
res.send(this.statusCodes.NO_CONTENT);
}).catch(next);
}
resetPassword(req, res, next) {
this.findOne(req.params.id).then(record => {
record.password = req.body.password;
return record.save();
}).then(record => {
res.send(this.statusCodes.SUCCESS);
}).catch(next);
}
}
Models are defined following the sequelize define, pattern.
lib/models/user.js
class UserModel extends parch.Model {
constructor() {
super();
}
associate(User, models) {
User.hasMany(models.Posts);
User.hasMany(models.User, { as: "Parent" });
}
define(DataTypes) {
const user = {
email: {
type: DataTypes.STRING,
validate: { isEmail: true }
}
};
return user;
}
}
parch loads associations of a record as an array of ids.
class UserController extends parch.Controller {
constructor() {
super();
}
show(req, res, next) {
this.findOne(req.params.id).then(user => {
/**
* {
* user: {
* firstName: "John",
* posts: [1, 2, 3]
* }
* }
*/
});
}
}
Authorization is handled using jwt, with more
options coming in the future. To disable auth for specific routes, use the
authentication.unauthenticated array. Empty by default, you can give a string
or regex expression to skip your unauthenticated routes
const parch = new parch.Application({
authentication: {
unauthenticated: [/\/posts[\s\S]*/, "/users/resetPassword"]
}
});
In order to authenticate a user, create and sign a JWT token to send back to the
client. The authorization middleware will then look for this token in the
Authorization header. see jsonwebtoken
const jwt = require("jsonwebtoken");
const app = require("express")();
app.post("/login", function (req, res, next) {
const token = jwt.sign({ userId: 1 }, "secret");
res.send({ token });
});
curl http://my-server.com/protectedRoute -H 'Authorization: Bearer <token>'
TODO
Logging is handled automatically for you. All requests and responses will be logged using a custom Bunyan instance.
Error handling is done using restify-errors.
When using controller helpers (findAll, findOne, etc) errors are handle automatically
for you. Just catch your Promise with next and parch will handle the rest.
show(req, res, next) {
this.findOne(req.params.id).then(user => {
}).catch(next);
}
/**
* { code: "NotFound", message: "User with id '1' does not exist" }
*/
Errors handled by parch:
findOne:
NotFound: The record does not existcreateRecord:
BadRequest: Request body was missing or invalidUnprocessableEntity: Model validations failedupdateRecord:
BadRequest: Request body was missing or invalidUnprocessableEntity: Model validations faileddestroyRecord:
NotFound: The record does not existNeed to handle your own errors? controller.errors contains all of restify-errors' errors
middlewares) are passed directly to restify
log: defaults to parch's bunyan instance but can be overriddenmiddlewares(Array): merged with parch's default middlwaressecretKey(String): A secret string used to sign JWT tokensunauthenticated(Array): an array of strings or regex patterns to skip authentication.dir(String): The path to your controllers directory. Default: _dirname/controllersconnection(Object) Sequelize connection optionsmodels
dir(String): The path to your models directory. Default: __dirname/modelsdir(String): Path where logs should be savedserializers(Object):
req(Function): your request serializer. takes the request as its only argumentres(Function): your response serializer. takes the response as its only argumentFAQs
Restify + Sequelize
The npm package parch receives a total of 24 weekly downloads. As such, parch popularity was classified as not popular.
We found that parch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.