1
0
mirror of https://github.com/Foltik/Shimapan synced 2025-01-22 06:51:28 -05:00
shimapan/app/util/verifyBody.js

57 lines
2.2 KiB
JavaScript
Raw Normal View History

const sanitizer = require('sanitizer');
// Verifies a single property is well formed
const verifyProp = async (prop, expected) => {
2018-08-01 13:07:52 -04:00
if (!expected.optional && !prop)
throw {code: 400, message: expected.name + ' not specified.'};
else if (!prop)
return;
if (expected.type) {
if (expected.type === 'date') {
if (isNaN(new Date(prop)))
throw {code: 400, message: `${expected.name} malformed.`};
} else if (expected.type === 'array') {
if (!(prop instanceof Array))
throw {code: 400, message: `${expected.name} malformed.`};
} else if (expected.type === 'number') {
if (isNaN(parseInt(prop)))
throw {code: 400, message: `${expected.name} malformed.`};
} else {
if (typeof prop !== expected.type)
throw {code: 400, message: `${expected.name} malformed.`};
}
}
if (expected.min && parseInt(prop) < expected.min)
throw {code: 400, message: `${expected.name} too small.`};
if (expected.max && parseInt(prop) > expected.max)
throw {code: 400, message: `${expected.name} too large.`};
if (expected.maxLength && prop.length > expected.maxLength)
throw {code: 400, message: `${expected.name} too long.`};
if (expected.sanitize && sanitizer.sanitize(prop) !== prop)
throw {code: 400, message: `${expected.name} contains invalid characters.`};
if (expected.restrict && prop.replace(expected.restrict, '') !== prop)
throw {code: 400, message: `${expected.name} contains invalid characters.`};
};
2018-08-01 13:07:52 -04:00
// Verifies the entire request body is well formed
// expectedProps follows the format:
// [{name: 'myList', instance: 'Array'}, {name: 'myVar', type: 'string', optional: true}, etc.]
const verifyBody = (body, expectedProps) =>
Promise.all(expectedProps.map(expected => verifyProp(body[expected.name], expected)));
const bodyVerifier = expectedProps =>
2018-08-01 13:07:52 -04:00
(req, res, next) => {
verifyBody(req.body, expectedProps)
2018-08-01 13:07:52 -04:00
.then(() => next())
.catch(err => res.status(err.code).json({message: err.message}));
};
exports.verifyBody = verifyBody;
exports.bodyVerifier = bodyVerifier;