npm

Need private packages and team management tools?Check out npm Orgs. »

swagger-request-validator

2.0.3 • Public • Published

swagger-inputs-validator

npm version Travis Build Status

About

Lightweight Express middleware that controls your incoming requests. It will reject all requests that do not respect the requirements written in your swagger.

So far, the middleware is able to control the parameters present in :

  • req.query
  • req.params
  • req.body

You have two ways of using this middleware :

  • Control all the requests by using an application middleware
  • Control a specific route by using a route middleware

Installation

$ npm install swagger-inputs-validator --save

Examples

Controls your entire application :
var express = require('express');
var SwaggerValidator = require('swagger-inputs-validator');
var bodyParser = require('body-parser');
var swaggerFile = require("./swagger.json");
var app = express();
 
var swaggerMiddleware = new SwaggerValidator(swaggerFile);
 
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(swaggerMiddleware.all());
 
app.get('/products', function(req,res){
  res.json({success: 'If you can enter here it seems that swagger validator let you get in'});
});
 
app.listen(80);
 
Controls a specific route :
var express = require('express');
var SwaggerValidator = require('swagger-inputs-validator');
var bodyParser = require('body-parser');
var swaggerFile = require("./swagger.json");
var app = express();
 
var swaggerMiddleware = new SwaggerValidator(swaggerFile);
 
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
 
app.get('/products', swaggerMiddleware.get('/products'), function(req,res){
  res.json({success: 'If you can enter here it seems that swagger validator let you get in'});
});
 
app.listen(80);
 

Why would I use only a route middleware if I can control my entire app using swaggerMiddleware.all() ?

You might want to implement this middleware progressively into your code. This is why, you would start by refractoring your code route by route instead of controlling your whole app. Moreover, for tests purpose, you might want to disable some controls and let others active.

So far, you can use the route middleware with the following HTTP verbs :

  • GET
  • POST
  • PUT
  • DELETE
  • HEAD
  • PATCH

Options

When you are calling the constructor, you can specify options :

  • strict : Default to false. When it's true, SwaggerInputsValidator will reject all the incoming parameters that are not specified in the swagger file
  • onError : a function that will handle your custom error behaviour
  • allowNull : Default to true, allows your users to send you (in the body) variables that are equal to null.
 
var customErrorHandler = function(errors, req, res){
  res.status(400);//You could choose a custom error code
  res.json({message : "This message is coming from a custom error handler. Please find all your mistakes in the errors variable", errors : errors});
};
 
var swaggerMiddleware = new SwaggerValidator(swaggerFile, {strict : true, onError : customErrorHandler, allowNull : false});

Current release capabilities

  • Parse a swagger json file (2.0 specification)
  • checking parameters in req.query
  • checking parameters in req.body
  • checking parameters in req.params
  • checking parameters in req.headers
  • checking optinal variables
  • checking variable types string | integer | double | boolean
  • checking object structure present within the body
  • checking parameters in req.file
  • checking arrays
  • checking string patterns (with RegExp)

We are currently working to enhance this middleware, any contribution is welcome :)

Tests

Unit tests have been written using Mocha. To launch them, please run the following command :

$ npm test

install

npm i swagger-request-validator

Downloadsweekly downloads

5

version

2.0.3

license

MIT

homepage

github.com

repository

Gitgithub

last publish

collaborators

  • avatar
Report a vulnerability