Hello i am creating a validation middleware but the problem is i have 2 types to the same endpoint so i created two schema for each.
All i want to do is when type is somthing pass through middleware_a esle return middleware_b
here is my idea but its not working
const middlewareStrategy = (req,res,next) => {
if(req.params.type === "Something"){
return custom_middleware(schemas.A_body);
}
return custom_middleware(schemas.B_body);};
A_Body here is just validation schema.
It's a bit hard to tell eactly what you're trying to do because you don't show the actual middleware code, but you can dynamically select a middleware a couple of different ways.
Dynamically call the desired processing function
const middlewareStrategy = (req,res,next) => {
const schema = req.params.type === "Something" ? schemas.A_body : schemas.B_body;
bodyStrategy(schema, req, res, next);
};
In this middleware, you're dynamically calling a bodyStrategy function that takes the schema and res, res, next so it can act as middleware, but will know the schema.
Create a middleware that sets the schema on the req object
const middlewareStrategy = (req,res,next) => {
req.schema = req.params.type === "Something" ? schemas.A_body : schemas.B_body;
next();
};
Then, use it like this:
// this sets req.schema to be used by later middleware
app.use(middlewareStrategy);
Then, you can use another middleware that expects to find the req.schema property to do its job:
// this middleware uses req.schema
app.use(customMiddleware);
If this isn't exactly what you were looking for, then please include the code of your actual middleware so we can see what we're really aiming for.
Related
In my express application I have a module called helpers thats is required in almost all my routes and modules. This module has a logger method that logs to fluentd (but that's unimportant). While building the data to log I'd like to add a unique identifier of the request, so that all the logs written for the same request have the same unique ID. Using a global var in the app entry point app.use doesn't work because this var would be overwritten every time a new request hits, so the global uuid will change would obviously change in case of high load or long running tasks. The res.locals is not available outside routing, so I can't use it for this matter. Is there a way to create a var that would be unique per request and available in every module or maybe a way to access the res.locals data outside routing? Thank you
EDIT
Maybe an example will help understand better the question.
Suppose I have a module called helpers.js like this:
let helpers = {};
helpers.log = (logData, logName) => {
fluentLogger.emit('', {
name: logName,
//uuid: the needed uuid,
message: logData
});
}
module.exports = helpers;
Now obviously I can do this in my app.js entry point:
app.use(function (req, res, next) {
res.locals.uuid = uuid.v4();
next();
});
and then in every loaded middleware module that requires helpers(adding a new param to the helpers.log method):
const helpers = require('helpers');
router.post('/', (req, res, next) => {
helpers.log('my log message', 'myLogName', res.locals.uuid);
next();
});
and this will normally work. But suppose a big or middle size project where there are hundreds of custom modules and models (not middlewares) and a module may require other modules that require other modules that require finally the helpers module. In this case I should pass the res.locals.uuid as a parameter to every method of every method so that I have it available in the logger method. Not a very good idea. Suppose I have a new module called dbmodel.js that is required in a middleware function:
const helpers = require('helpers');
let dbmodel = {};
dbmodel.getSomeData = (someParam) => {
//some logic
helpers.log('my log message', 'myLogName');
}
module.exports = dbmodel;
The dbmodel has no idea about the res.locals data if I don't pass it from the middleware, so the helpers.log method will also have no idea about this.
In PHP one would normally write a GLOBAL var in the application's entry point so a hypothetical logger function would have access to this global on every method request from whichever class of the application.
Hope this explanation will help :) Thank you
EDIT 2
The solution for this kind of problems is CLS. Thanks to #robertklep for the hint. A good slideshare explaining exactly the same problem (logger with unique ID) and explaining the CLS solutions can be found here: https://www.slideshare.net/isharabash/cls-and-asynclistener
I answered a very similar question here which will solve this problem.
I used to solve the problem the libraries node-uuid and continuation-local-storage. Take a look to the answer of this question and see if it helps:
NodeJS Express - Global Unique Request Id
And you want a bigger explanation, take a look here:
Express.js: Logging info with global unique request ID – Node.js
Yes you can do so by one method .
Every request comes to his routes pass that request inside the middleware.
Suppose you have
app.get('/', function(req, res) {
res.sendFile(path.join(public + "index.html"));
});
a request.
Place Middleware in it .and edit req field coming , in this way you will get the unique variable values for each request
check out this .
https://expressjs.com/en/guide/writing-middleware.html
Like this
var requestTime = function (req, res, next) {
req.requestTime = Date.now()
next()
}
app.use(requestTime)
app.get('/', function (req, res) {
var responseText = 'Hello World!<br>'
responseText += '<small>Requested at: ' + req.requestTime + '</small>'
res.send(responseText)
})
Here req.requestTime is unique for each request.
I'm trying to write a very basic piece of middleware for Express that checks to see if a user has some specified role required to access a resource. I have another piece of middleware that comes before this, which adds a user object to the request req for every route requiring authentication (and subsequent authorization).
As such, I define the authorization middleware like this:
_ = require('lodash');
function authorize(req, res, next, roles){
// check to see if user has one of the allowed roles
if(_.contains(roles, req.user.role)){
req.authorized = true;
return next();
}
// otherwise, pass an error
return next(new Error("Unauthorized"));
}
Every user object has a property called role on it, so I use _.contains(roles, req.user.role) to figure out whether or not the allowed roles contain the user's assigned role.
However, when I do this, I get TypeError: Cannot read property 'role' of undefined as soon as I start my Express server. This seems very weird to me, because I have not even made a request, and so of course req.user will be undefined until then.
Is there a way around this?
Example of how I use this middleware:
var app = express();
var router = express.Router();
router.get('/protected/:id', authorize(['ADMINISTRATOR', 'MANAGER', 'OWNER']), controllers.protected.retrieve);
When you register the route with
router.get(
'/protected/:id',
authorize(['ADMINISTRATOR', 'MANAGER', 'OWNER']),
controllers.protected.retrieve
)
the authorize method gets executed straight away by authorize(...) with the ['ADMINISTRATOR', ...] array being passed as the req param. Hence it is called as soon as you run the code and dies on user object not being present. Even if it didn't die on that, it wouldn't work as intended. You are mixing a middleware and a factory function together.
Express middleware is a function with a (req, res, next) signature, that you don't execute yourself. You need to pass a reference to such a middleware function and Express itself executes it on the request when needed, i.e.:
function authorize(req, res, next) {
...
};
router.get('/protected/:id', authorize, ...);
A parametrized middleware function, as in your case, can be easily created by splitting up to a factory and a middleware function:
// a factory function to create authorization middleware functions for given roles
function authorize(roles) {
// create and return an actual authorization middleware function
// to handle requests using the roles given when created
return function(req, res, next) {
if(_.contains(roles, req.user.role)){
req.authorized = true;
return next();
}
return next(new Error("Unauthorized"));
}
}
router.get(
'/protected/:id',
authorize(['ADMINISTRATOR', 'MANAGER', 'OWNER']),
controllers.protected.retrieve
)
I would like to have the following routes:
// Services without csrf()
router.get('/user/:uid', userRes.findUser, userRes.GETUser);
router.post('/user/:uid', userRes.findUser, userRes.POSTUser);
// Rest of routes, with csrf()
router.use(csrf());
router.post('/user/subscribe', indexRes.POSTSubscribe);
But what happens here is that POST /user/subscribe is matching second route.
I've been reading Express routes parameter conditions but it shows how to filter numbers. I would like to filter 'subscribe' path:
Is there any chance?
You could use router.param:
var staticUserPaths = ['subscribe'];
router.param('uid', function (req, res, next, id) {
if (~staticUserPaths.indexOf(id)) {
next('route');
} else {
next();
}
});
If you move your /user/subscribe route before the /user/:uid route, it will get executed instead of the /user/:uid route for requests to /user/subscribe. Routes/middleware in Express are executed in the order they are attached.
I am following the wonderful node-express-mongoose-demo app (link
in the articles.js controller, the .load function has a next() statement and I am confused about it - I thought that next() was only used in routing, passing the flow to the next middleware. why is next() being used here inside a controller? and why are the other controller functions (e.g. .edit ,see code below) NOT using next()..?
/**
* Module dependencies.
*/
var mongoose = require('mongoose')
, Article = mongoose.model('Article')
, utils = require('../../lib/utils')
, extend = require('util')._extend
/**
* Load
*/
exports.load = function(req, res, next, id){
var User = mongoose.model('User')
Article.load(id, function (err, article) {
if (err) return next(err)
if (!article) return next(new Error('not found'))
req.article = article
next()
})
}
....
/**
* Edit an article
*/
exports.edit = function (req, res) {
res.render('articles/edit', {
title: 'Edit ' + req.article.title,
article: req.article
})
}
The .load middleware is calling next() because it is a parameter middleware. These special middlewares allow you to perform logic for specific route parameters. This can be handy if you have a route like /users/:id where you could set up a parameter middleware for id that loads that particular user's profile from the database and then continues on to the actual route handler (which now has the user's profile already available to it). Without this, you may find yourself repeating the same loading logic inside route handlers for different HTTP verbs for the same route path.
The normal route handlers (e.g. edit) don't use next() because they don't need to (unless you encounter a serious HTTP 500-like error and want to call next(err) for example). They typically are the ones that send the response back to the client.
This is because of named parameter in routing.
e.g for route like
app.get('/articles/:id/edit', ArticleController.edit)
we have to tell the routing to resolve "id" by setting app.param('id', ArticleController.load)
This will go on and load the article using the load method then call the next() to pass the control to edit function. "Load" act as middleware which load the article and makes it available in edit method.
Please see express routing for more details.
I am trying to have a variable which can be accessible by all controllers in my node project. Currently in one controller I have:
var ua = req.headers['user-agent'];
var isMobile = "no";
if(/mobile/i.test(ua))
isMobile="yes";
It's pointless to copy past all of this for all my controllers and pass the isMobile variable to the view. I'd like to get the value of isMobile set once, and then pass it wherever I want from my controllers.
Is there an easy way to do this rather than have those 4 lines of code copy pasted in every controller?
Thanks
You'll want to use a Sails policy for this:
// /api/policies/isMobile.js
module.exports = function(req, res, next) {
var ua = req.headers['user-agent'];
req.isMobile = /mobile/i.test(ua);
next();
}
// /config/policies.js
module.exports.policies = {
'*': 'isMobile'
};
This will run the code before every controller action, and give you access to the req.isMobile var in all of your custom controller code.
A truly global variable isn't particularly an option as any concurrency above 1 will likely result in unexpected behavior. Being that it is something particular to the unique request itself, the req object is likely your best bet.
Assuming you have access to the req object everywhere that you would like to utilize use this flag, you can simply add a property to the req object at any point (preferably early in the request/response cycle). After this property is added, it should be available everywhere that has access to req.
req.isMobile = /mobile/i.test(req.headers['user-agent']) ? 'yes' : 'no';
Or if there is a concept like middleware in express for sails
function isMobile(req, res, next) {
req.isMobile = /mobile/i.test(req.headers['user-agent']) ? 'yes' : 'no';
next();
}