express-contract

A middleware for express that to validate inputs of your REST API with Joi, or any validators.

Usage no npm install needed!

<script type="module">
  import expressContract from 'https://cdn.skypack.dev/express-contract';
</script>

README

express-contract Build Status

express-contract is a small project that add contract validation to your API.

Installation

yarn add express-contract

npm install --save express-contract

Usage

const Joi = require("joi"); // Or any schema validator (must have a .validate() method)
const contract = require("express-contract").contract;

const schema = Joi.object().keys({
  username: Joi.string().alphanum().min(3).max(30).required(),
});

app.post("/api/user", contract(schema), function (req, res) {
  if (!req.compliance) {
    // Look at req.violation for validation errors

    res.status(400).json({
      error: "Bad request",
    });

    return;
  }

  res.status(200).json(req.body);
});

Variables:

  • req.compliance to know if the contract is respected
  • req.body to access the object return by validator
  • req.originalBody to access original object return by validator
  • req.query to access the object return by validator (GET only)
  • req.originalQuery to access original object return by validator (GET only)
  • req.violation for validation error

You can also precise the property to validate (usually body or query, but can be whatever you want), by default it's body, expect for GET requests.

// like /api/user?username=tot even if it's a POST method
app.post("/api/user", contract(schema, "query"), function (req, res) {
  if (!req.compliance) {
    // Look at req.violation for validation errors

    res.status(400).json({
      error: "Bad request",
    });

    return;
  }

  res.status(200).json(req.query);
});

Or using multiple contract, but while not validate others contracts the previous failed.

app.post(
  "/api/user",
  contract(schema_query, "query"),
  contract(schema_body, "body"),
  function (req, res) {
    if (!req.compliance) {
      // Look at req.violation for validation errors

      res.status(400).json({
        error: "Bad request",
      });

      return;
    }

    res.status(200).json({
      query: req.query,
      body: req.body,
    });
  }
);

Actually, it was test with Joi, and need body-parser.

But should work with other validators if the .validate() method has the following signature:

Schema.validate(schema, callback(err, value));

value returned by the validator's callback is used to get defaults values that are set in the schema.

Keep in touch!