visualiser-backend-service
Advanced tools
This is a module for validating the input and output of your controllers with an Open API schema. It consists primarily of a decorator and a interceptor that are used to define and validate against the schema respectively. Some helper functions and types are included. See below for details on how to use each.
This decorator is used to define the schema to be used for validation of the method handlers in your controllers. You should provide it with the Open API schema for path and HTTP method that corresponds to the handler you are decorating. For example:
import OpenApiSchema from 'contracts';
import { Schema } from '../schema-validator/Schema';
@Controller('pets')
class PetsController {
@Post('/')
@Schema(OpenApiSchema.paths['/pets'].post)
create(@Body() data) {
return this.petsService.create(data);
}
}
This interceptor uses the schema defined by the @Schema decorator to validate the request body, request query parameters and response body. This that the data going an and out is correct and type safe. The interceptor will also strip out any properties from those objects that are not defined in your schema. This prevents potentially malicious data coming in to the API and potentially secret data from accidentally leaving the API.
It is intended that the interceptor be used as a global interceptor like so:
import { NestFactory, Reflector } from '@nestjs/core';
import { AppModule } from './AppModule';
import { ValidateSchemaInterceptor } from './modules/schema-validator/ValidateSchemaInterceptor';
async function bootstrap() {
const app = await NestFactory.create(AppModule);
app.useGlobalInterceptors(
new ValidateSchemaInterceptor(app.get(Reflector))
);
...
}
bootstrap();
This module extracts the JSON schemas out of the Open API schema for each method handler and uses Ajv to validate the request and response payloads. Ajv is configured with the following options:
{
allErrors: true,
strict: true,
parseDate: true,
useDefaults: true,
removeAdditional: 'all'
}
When validating query parameters the coerceTypes: true option is also provided. This means that there is some deserialisation that occurs through parsing dates, using defaults, coercing types.
FAQs
backend service for visualiser
The npm package visualiser-backend-service receives a total of 0 weekly downloads. As such, visualiser-backend-service popularity was classified as not popular.
We found that visualiser-backend-service demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.
Security News
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
Security News
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.