@dvsa/appdev-api-common 0.3.1 → 0.3.3

package/README.md

@@ -35,3 +35,15 @@ There are two ways in which this package can/should be published:
 ###### Requires manual version bump via the PR
 
 - Upon merge into `main` branch, the package will be published via a GHA workflow.
+
+### Developing locally
+To test our your changes before publishing to `npm`, you can use the following command:
+
+`npm run localLink`
+
+Then in the project you wish to use this package, run:
+
+`npm link @dvsa/appdev-api-common`
+
+Once you've completed your local testing and/or to start again from scratch, you can run:
+`npm unlink @dvsa/appdev-api-common`

package/auth/auth-checker.js

@@ -13,11 +13,13 @@ class JWTAuthChecker {
      */
     static async execute({ request }, roles = []) {
         // if running locally, skip the token auth and role check
-        if (process.env.IS_OFFLINE === "true")
+        if (process.env.IS_OFFLINE === "true" &&
+            process.env.FORCE_LOCAL_AUTH !== "true")
             return true;
         // extract the token from the request headers
-        const token = request?.apiGateway.event
-            .headers?.Authorization;
+        const headers = request?.apiGateway.event
+            .headers;
+        const token = headers?.Authorization || headers?.authorization;
         // if no token is found, then deny access to resource
         if (!token || token.trim()?.length === 0) {
             throw new auth_errors_1.AuthError(http_status_codes_1.HttpStatus.UNAUTHORIZED, "Missing Authorization header");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dvsa/appdev-api-common",
-  "version": "0.3.1",
+  "version": "0.3.3",
   "keywords": [
     "dvsa",
     "nodejs",
@@ -13,6 +13,7 @@
     "access": "public"
   },
   "scripts": {
+    "localLink": "npm run clean && npm version patch && npm run build && cp package.json dist && cd dist && npm link",
     "clean": "rimraf coverage dist",
     "clean:temp": "rimraf auth api",
     "lint": "biome check src",
@@ -38,9 +39,12 @@
     "jest": "^29.7.0",
     "lint-staged": "^15.2.10",
     "rimraf": "^6.0.1",
-    "routing-controllers": "^0.10.4",
+    "routing-controllers": "^0.11.2",
     "ts-jest": "^29.2.5",
     "ts-node": "^10.9.2",
     "typescript": "^5.5.2"
+  },
+  "lint-staged": {
+    "*.{js,ts,mjs,css,md,ts,json}": "npm run lint:fix -- --no-errors-on-unmatched"
   }
 }

package/validation/request-body.d.ts

@@ -1,10 +1,13 @@
+interface ValidateRequestBodyOptions {
+    isArray?: boolean;
+    errorDetails?: boolean;
+}
 /**
  * Decorator tp validate an express request body against a specified schema
  * @param {object} schema - the json schema you wish to use as the validator
- * @param isArray - whether the body is expected to be an array
- * @param errorDetails - whether to return detailed error messages (Note: errors are logged regardless of this setting)
+ * @param {ValidateRequestBodyOptions} opts
+ * - isArray: whether the body is expected to be an array
+ * - errorDetails: whether to return detailed error messages (Note: errors are logged regardless of this setting)
  */
-export declare function ValidateRequestBody<T>(schema: object, { isArray, errorDetails }?: {
-    isArray: boolean;
-    errorDetails: boolean;
-}): (_target: T, _propertyKey: string, descriptor: PropertyDescriptor) => void;
+export declare function ValidateRequestBody<T>(schema: object, opts?: ValidateRequestBodyOptions): (_target: T, _propertyKey: string, descriptor: PropertyDescriptor) => void;
+export {};

package/validation/request-body.js

@@ -11,10 +11,11 @@ ajv.addKeyword("tsEnumNames");
 /**
  * Decorator tp validate an express request body against a specified schema
  * @param {object} schema - the json schema you wish to use as the validator
- * @param isArray - whether the body is expected to be an array
- * @param errorDetails - whether to return detailed error messages (Note: errors are logged regardless of this setting)
+ * @param {ValidateRequestBodyOptions} opts
+ * - isArray: whether the body is expected to be an array
+ * - errorDetails: whether to return detailed error messages (Note: errors are logged regardless of this setting)
  */
-function ValidateRequestBody(schema, { isArray, errorDetails } = { isArray: false, errorDetails: false }) {
+function ValidateRequestBody(schema, opts = { isArray: false, errorDetails: false }) {
     return (_target, _propertyKey, descriptor) => {
         const originalMethod = descriptor.value;
         descriptor.value = async function (body, res, next) {
@@ -27,8 +28,8 @@ function ValidateRequestBody(schema, { isArray, errorDetails } = { isArray: fals
             const payload = Buffer.isBuffer(body)
                 ? JSON.parse(body.toString("utf-8"))
                 : body;
-            // Create the appropriate schema based on whether we're validating an array
-            const schemaToValidate = isArray
+            // Create the appropriate schema based on whether we're validating an array or a single object
+            const schemaToValidate = opts?.isArray
                 ? { type: "array", items: schema }
                 : schema;
             const validateFunction = ajv.compile(schemaToValidate);
@@ -40,7 +41,7 @@ function ValidateRequestBody(schema, { isArray, errorDetails } = { isArray: fals
                 const response = {
                     message: "Validation error",
                 };
-                if (errorDetails) {
+                if (opts?.errorDetails) {
                     Object.assign(response, { errors: validateFunction.errors });
                 }
                 return res.status(http_status_codes_1.HttpStatus.BAD_REQUEST).json(response);