express-validate-requests

methods to validate and sanatise requests in express.js

Express Validate Requests

  • sanitizeRequest(req, res, next)
  • allowJustXHR(req, res, next)
  • allowJustJsonRequests(req, res, next)
  • allowXOrigin(req, res, next)

If the validation fails then an next(error) will be called. You should set up an error catcher as your last piece of middleware as a catchall for any errors.

  • checkGotAllParams(params:{@Object}, requiredParamsKeys:{@Array})
var express     = require('express'),
    app         = express(),
    valExpress  = require('express-validate-requests'),
    middle      = valExpress.middleware,
    helpers     = valExpress.helpers,
    allowedHosts = ["api.domainx.com", "www.domainx.com"],
    allowedOrigins = ["http://domainx.com", "http://www.domainx.com"];
 
app.configure(function() {
    app.use(middle.allowJustXHR);
    app.use(middle.onlyAllowJsonRequests);
    app.use(middle.sanitizeRequest);
 
    // middle.setAllowCrossOrigin returns fn(req, res, next)
    app.use(middle.setAllowCrossOrigin(allowedHosts, allowedOrigins));
});
 
app.get('/someroute', function (req,res,next) {
    var requiredParamsKeys = ["paramOneKey", "paramTwoKey"];
    if (!helpers.checkGotAllParams(req.query, requiredParamsKeys)) {
        next(new Error('invalid params'));
    } else {
        next();
    }
});
 
//... error catcher at very bottom
app.configure('development', function() {
    app.use(express.errorHandler()); // built-in express error handler
});
 
// listen once configured everything
http.createServer(app).listen(app.get('port'), function() {
    console.log("Express server listening on port: " + app.get('port'));
});