Respondo exposes some convenient methods on the res object of an express REST API, and adds some practical middleware for authentication.
Responders
app.use(respondo.responders());res.success(payload, statusCode = 200);
// For example
res.success({ name: 'Darth Vader' }, 201);
// Result (HTTP Status Code 201)
{
"success": true,
"code": 201,
"result": { "name": 'Darth Vader' }
}res.failure(message, statusCode = 400);
// For example
res.failure('You are not authorized to do so!', 401);
// Result (HTTP Status Code 401)
{
"success": true,
"code": 401,
"error": "You are not authorized to do so!"
}Errors
Adds standard errors 404 and 500 to the stack, as a fall-through. It also wraps Mongo validation and index errors, and presents them in a more generic way.
When called, it takes a boolean whether we are in production mode. In production mode, any error details of a generic 500 error are hidden from the user. In development mode, it falls through.
app.use(respondo.errors(false));Authorization middleware
Given the secret key, decodes a JSON web token set on the Authorizationheader. It sets an identity field on the req object containing properties user (the decoded payload) and authenticated (a boolean indicating if there is a user).
app.use(respondo.authorizationIdentity('ssshh!'));
// Sets the req.identity property
app.get('/', function(req, res) {
if (!req.identity.authenticated) {
return res.send('You are not authenticated');
} else {
return res.json(req.identity.user);
}
});