
Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
This package contains a decorator for endpoints in flask and a way to validate dictionary/JSON elements.
It omits the need to validate the data yourself and allow its usage by other kinds of APIs like graphql through the UniversalValidator
.
Use pip to install the package from PyPI:
pip install pyschemavalidator
This package provides a flask route decorator to validate a JSON payload or dictionary elements.
from flask import Flask, make_response, jsonify, g, url_for
from pyschemavalidator import validate_param
# example imports
from models import Model
app = Flask(__name__)
@app.route('/invocations', methods=['POST'])
@validate_param(key="sepal_length", keytype=float, isrequired=True)
@validate_param(key="sepal_width", keytype=float, isrequired=True)
@validate_param(key="petal_length", keytype=float, isrequired=True)
@validate_param(key="petal_width", keytype=float, isrequired=True)
def register():
# if the payload is invalid, the request will be aborted with the appropriate error code
# do model inference
data = request.get_json(silent=True, force=False)
output = Model.predict(data.get('sepal_length'), data.get('sepal_width'), data.get('petal_length'), data.get('petal_width'))
return make_response(jsonify({"output:": output}), 200)
The payload is verified through the parameters set on the decorators. If the body does not meet the decorator's specifications it returns a standard response with the appropriate error code.
You can also use the package without the decorator style as below:
from pyschemavalidator.validators import UniversalValidator
# Creates a Universal validator to the dictionary/JSON elements
request_validator = UniversalValidator()
request_validator.add(key="example1", keytype=str, isrequired=True)
request_validator.add(key="example2", keytype=str, isrequired=False)
# Example data
data = {"example1": "test", "example2": "test"}
# Add some validations to the JSON/dictionary element
status_code, message = request_validator.validate(
tag1=data.get("example1"),
tag2=data.get("example2")
)
if status_code != 200: # It means that something got wrong with the validation
raise ValueError(message)
else
... # Do whatever you want
As of 1.2.0 this decorator uses flask.request.get_json(force=False)
to get the data. This means the mimetype of the request has to be 'application/json'.
On validation failure, the library calls flask.make_response
and passes the error code and the message.
The following are the steps to create a virtual environment into a folder named "venv" and install the requirements.
# Create virtualenv
python3 -m venv venv
# activate virtualenv
source venv/bin/activate
# update packages
pip install --upgrade pip setuptools wheel
# install requirements
python setup.py install
Tests can be run with python setup.py test
when the virtualenv is active.
1.0.4 - Removed support to Python 2.7
1.0.3 - Fix description and README
1.0.2 - Fix the missing required parameter issue
1.0.1 - Fix the bonduaries issue
1.0.0 - First release
FAQs
Decorator for endpoint inputs on APIs and a dictionary/JSON validator.
We found that pyschemavalidator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
Research
Security News
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
Security News
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.