serverless-reqvalidator-plugin
Advanced tools
Serverless plugin to set specific validator request on method
npm install serverless-reqvalidator-plugin
This require you to have documentation plugin installed
serverless-aws-documentation
Specify plugin
plugins:
- serverless-reqvalidator-plugin
- serverless-aws-documentation
In serverless.yml create custom resource for request validators
xMyRequestValidator:
Type: "AWS::ApiGateway::RequestValidator"
Properties:
Name: 'my-req-validator'
RestApiId:
Ref: ApiGatewayRestApi
ValidateRequestBody: true
ValidateRequestParameters: false
For every function you wish to use the validator set property reqValidatorName: 'xMyRequestValidator' to match resource you described
debug:
handler: apis/admin/debug/debug.debug
timeout: 10
events:
- http:
path: admin/debug
method: get
cors: true
private: true
reqValidatorName: 'xMyRequestValidator'
The serverless framework allows us to share resources among several stacks. Therefore a CloudFormation Output has to be specified in one stack. This Output can be imported in another stack to make use of it. For more information see here.
Specify a request validator in a different stack:
plugins:
- serverless-reqvalidator-plugin
service: my-service-a
functions:
hello:
handler: handler.myHandler
events:
- http:
path: hello
reqValidatorName: 'myReqValidator'
resources:
Resources:
xMyRequestValidator:
Type: "AWS::ApiGateway::RequestValidator"
Properties:
Name: 'my-req-validator'
RestApiId:
Ref: ApiGatewayRestApi
ValidateRequestBody: true
ValidateRequestParameters: false
Outputs:
xMyRequestValidator:
Value:
Ref: my-req-validator
Export:
Name: myReqValidator
Make use of the exported request validator in stack b:
plugins:
- serverless-reqvalidator-plugin
service: my-service-b
functions:
hello:
handler: handler.myHandler
events:
- http:
path: hello
reqValidatorName:
Fn::ImportValue: 'myReqValidator'
If you have an existing request validator defined outside of CloudFormation e.g. Terraform, you can reference it by id.
plugins:
- serverless-reqvalidator-plugin
service: my-service-a
functions:
hello:
handler: handler.myHandler
events:
- http:
path: hello
reqValidatorName:
id: 'g5ch0h'
service:
name: my-service
plugins:
- serverless-webpack
- serverless-reqvalidator-plugin
- serverless-aws-documentation
provider:
name: aws
runtime: nodejs6.10
region: eu-west-2
environment:
NODE_ENV: ${self:provider.stage}
custom:
documentation:
api:
info:
version: '1.0.0'
title: My API
description: This is my API
tags:
-
name: User
description: User Management
models:
- name: MessageResponse
contentType: "application/json"
schema:
type: object
properties:
message:
type: string
- name: RegisterUserRequest
contentType: "application/json"
schema:
required:
- email
- password
properties:
email:
type: string
password:
type: string
- name: RegisterUserResponse
contentType: "application/json"
schema:
type: object
properties:
result:
type: string
- name: 400JsonResponse
contentType: "application/json"
schema:
type: object
properties:
message:
type: string
statusCode:
type: number
commonModelSchemaFragments:
MethodResponse400Json:
statusCode: '400'
responseModels:
"application/json": 400JsonResponse
functions:
signUp:
handler: handler.signUp
events:
- http:
documentation:
summary: "Register user"
description: "Registers new user"
tags:
- User
requestModels:
"application/json": RegisterUserRequest
method: post
path: signup
reqValidatorName: onlyBody
methodResponses:
- statusCode: '200'
responseModels:
"application/json": RegisterUserResponse
- ${self:custom.commonModelSchemaFragments.MethodResponse400Json}
package:
include:
handler.ts
resources:
Resources:
onlyBody:
Type: "AWS::ApiGateway::RequestValidator"
Properties:
Name: 'only-body'
RestApiId:
Ref: ApiGatewayRestApi
ValidateRequestBody: true
ValidateRequestParameters: false
FAQs
Serverless plugin for setting request validation
We found that serverless-reqvalidator-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.