visualiser-backend-service
Advanced tools
Readme
This is a module for validating the input and output of your controllers with an Open API schema. It consists primarily of a decorator and a interceptor that are used to define and validate against the schema respectively. Some helper functions and types are included. See below for details on how to use each.
This decorator is used to define the schema to be used for validation of the method handlers in your controllers. You should provide it with the Open API schema for path and HTTP method that corresponds to the handler you are decorating. For example:
import OpenApiSchema from 'contracts';
import { Schema } from '../schema-validator/Schema';
@Controller('pets')
class PetsController {
@Post('/')
@Schema(OpenApiSchema.paths['/pets'].post)
create(@Body() data) {
return this.petsService.create(data);
}
}
This interceptor uses the schema defined by the @Schema decorator to validate the request body, request query parameters and response body. This that the data going an and out is correct and type safe. The interceptor will also strip out any properties from those objects that are not defined in your schema. This prevents potentially malicious data coming in to the API and potentially secret data from accidentally leaving the API.
It is intended that the interceptor be used as a global interceptor like so:
import { NestFactory, Reflector } from '@nestjs/core';
import { AppModule } from './AppModule';
import { ValidateSchemaInterceptor } from './modules/schema-validator/ValidateSchemaInterceptor';
async function bootstrap() {
const app = await NestFactory.create(AppModule);
app.useGlobalInterceptors(
new ValidateSchemaInterceptor(app.get(Reflector))
);
...
}
bootstrap();
This module extracts the JSON schemas out of the Open API schema for each method handler and uses Ajv to validate the request and response payloads. Ajv is configured with the following options:
{
allErrors: true,
strict: true,
parseDate: true,
useDefaults: true,
removeAdditional: 'all'
}
When validating query parameters the coerceTypes: true option is also provided. This means that there is some deserialisation that occurs through parsing dates, using defaults, coercing types.
FAQs
backend service for visualiser
The npm package visualiser-backend-service receives a total of 1 weekly downloads. As such, visualiser-backend-service popularity was classified as not popular.
We found that visualiser-backend-service demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In an unprecedented surge, May 2024 saw the publication of over 5,000 CVEs, marking a historic milestone in cybersecurity with an average of 164 CVEs per day, nearly double the 2023 daily average.
Security News
The White House is addressing fragmented cybersecurity regulations as CISOs report spending up to 50% of their time on compliance, aiming to harmonize requirements and improve cybersecurity outcomes.
Security News
Research
The Socket Research Team has identified a malicious Python package that is typosquatting the popular crytic-compile utility, frequently used in popular toolkits and development environments for smart contracts and crypto applications.