@stanlemon/server 0.1.1 → 0.2.1

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@stanlemon/server",
-  "version": "0.1.1",
+  "version": "0.2.1",
   "description": "A basic express web server setup.",
   "author": "Stan Lemon <stanlemon@users.noreply.github.com>",
   "license": "MIT",
   "engines": {
-    "node": ">=17.0"
+    "node": ">=16.13.0"
   },
   "type": "module",
   "main": "./src/index.js",
@@ -17,11 +17,12 @@
   },
   "dependencies": {
     "compression": "^1.7.4",
-    "dotenv": "11.0.0",
-    "express": "^4.17.1",
-    "express-rate-limit": "^5.5.1",
-    "helmet": "^4.6.0",
-    "http-proxy-middleware": "^2.0.1",
+    "dotenv": "16.0.0",
+    "express": "^4.17.3",
+    "express-rate-limit": "^6.3.0",
+    "helmet": "^5.0.2",
+    "http-proxy-middleware": "^2.0.4",
+    "joi": "^17.6.0",
     "lodash-es": "^4.17.21",
     "morgan": "^1.10.0"
   },

package/src/asyncJsonHandler.js

@@ -1,3 +1,4 @@
+import { isPlainObject } from "lodash-es";
 import { formatInput } from "./index.js";
 import { formatOutput } from "./index.js";
 
@@ -5,16 +6,7 @@ export default asyncJsonHandler;
 
 export function asyncJsonHandler(fn) {
   return async (req, res /*, next */) => {
-    const input = {
-      // For POST & PUT requests we'll use the body
-      // For everything else, it's query string parameters
-      ...(req.method === "POST" || req.method === "PUT"
-        ? formatInput(req.body)
-        : req.query || {}),
-      // Always make sure the request parameters override everything else
-      // eg. a param for 'id' is not overridden by a query string 'id' or 'req.body.id'
-      ...req.params,
-    };
+    const input = buildInput(req);
 
     try {
       const output = await fn(input);
@@ -26,22 +18,22 @@ export function asyncJsonHandler(fn) {
     } catch (ex) {
       // TODO: Add better support for validation errors
       if (ex.message === "Bad Request") {
-        res.status(400).json({ error: ex.message });
+        res.status(400).json({ error: formatError(ex) });
         return;
       }
 
       if (ex.message === "Not Authorized") {
-        res.status(403).json({ error: ex.message });
+        res.status(403).json({ error: formatError(ex) });
         return;
       }
 
       if (ex.message === "Not Found") {
-        res.status(404).json({ error: ex.message });
+        res.status(404).json({ error: formatError(ex) });
         return;
       }
 
       if (ex.message === "Already Exists") {
-        res.status(409).json({ error: ex.message });
+        res.status(409).json({ error: formatError(ex) });
         return;
       }
 
@@ -52,7 +44,7 @@ export function asyncJsonHandler(fn) {
         // eslint-disable-next-line no-console
         console.error(ex);
 
-        res.status(500).json({ error: ex.message });
+        res.status(500).json({ error: formatError(ex) });
       } else {
         res.status(500).json({ error: "Something went wrong" });
       }
@@ -60,14 +52,39 @@ export function asyncJsonHandler(fn) {
   };
 }
 
+function buildInput(req) {
+  const query = isPlainObject(req.query) ? req.query : {};
+  const params = isPlainObject(req.params) ? req.params : {};
+
+  if (req.method === "POST" || req.method === "PUT") {
+    const body = formatInput(req.body);
+
+    // This is a weird payload, don't try any of our append magic
+    if (!isPlainObject(body)) {
+      return body;
+    }
+
+    // Always make sure the request parameters override everything else
+    // eg. a param for 'id' is not overridden by a query string 'id' or 'req.body.id'
+    return { ...body, ...query, ...params };
+  }
+
+  return params;
+}
+
+function formatError(ex) {
+  return ex.message + (ex.details ? ": " + ex.details : "");
+}
+
 export class BadRequestException extends Error {
   static MESSAGE = "Bad Request";
   static CODE = 400;
 
-  constructor() {
+  constructor(details = null) {
     super(BadRequestException.MESSAGE);
     this.name = "BadRequestException";
     this.code = BadRequestException.CODE;
+    this.details = details;
   }
 }
 
@@ -75,10 +92,11 @@ export class NotAuthorizedException extends Error {
   static MESSAGE = "Not Authorized";
   static CODE = 403;
 
-  constructor() {
+  constructor(details = null) {
     super(NotAuthorizedException.MESSAGE);
     this.name = "NotAuthorizedException";
     this.code = NotAuthorizedException.CODE;
+    this.details = details;
   }
 }
 
@@ -86,10 +104,11 @@ export class NotFoundException extends Error {
   static MESSAGE = "Not Found";
   static CODE = 404;
 
-  constructor() {
+  constructor(details = null) {
     super(NotFoundException.MESSAGE);
     this.name = "NotFoundException";
     this.code = NotFoundException.CODE;
+    this.details = details;
   }
 }
 
@@ -97,9 +116,10 @@ export class AlreadyExistsException extends Error {
   static MESSAGE = "Already Exists";
   static CODE = 409;
 
-  constructor() {
+  constructor(details = null) {
     super(AlreadyExistsException.MESSAGE);
     this.name = "AlreadyExistsException";
     this.code = AlreadyExistsException.CODE;
+    this.details = details;
   }
 }

package/src/createAppServer.js

@@ -8,59 +8,58 @@ import { createProxyMiddleware } from "http-proxy-middleware";
 
 dotenv.config();
 
-const DEVELOPMENT = "development";
-const { NODE_ENV = DEVELOPMENT, WEBPACK_URL = "http://localhost:8080" } =
-  process.env;
+export const DEFAULTS = { port: 3000, webpack: false, start: true };
 
-export default function createAppServer(opts = { port: 3000 }) {
-  const app = express();
-  app.use(express.json());
-
-  const limiter = rateLimit({
-    windowMs: 15 * 60 * 1000, // X minutes
-    max: 100, // limit each IP to Y requests per windowMs
-  });
+export default function createAppServer(options) {
+  const { port, webpack, start } = { ...DEFAULTS, ...options };
 
-  app.use(limiter);
+  const app = express();
+  app.use(express.json({ strict: false }));
 
   if (process.env.NODE_ENV !== "test") {
     app.use(morgan("combined"));
   }
 
   if (process.env.NODE_ENV === "production") {
+    const limiter = rateLimit({
+      windowMs: 5 * 60 * 1000, // 5 minutes
+      max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
+      standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
+      legacyHeaders: false, // Disable the `X-RateLimit-*` headers
+    });
+
+    app.use(limiter);
     app.use(compression());
     app.use(helmet());
   }
 
-  if (NODE_ENV !== DEVELOPMENT) {
-    app.use(express.static("./dist"));
-  }
-
-  if (NODE_ENV === DEVELOPMENT && WEBPACK_URL) {
+  if (webpack !== false && process.env.NODE_ENV !== "production") {
     app.get(
       "/*.js",
       createProxyMiddleware({
-        target: WEBPACK_URL,
+        target: webpack,
         changeOrigin: true,
       })
     );
 
     app.get(
-      "/ws",
+      "/",
       createProxyMiddleware({
-        target: WEBPACK_URL.replace("http://", "ws://"),
+        target: webpack,
         changeOrigin: true,
-        ws: true,
       })
     );
 
     app.get(
-      "/",
+      "/ws",
       createProxyMiddleware({
-        target: WEBPACK_URL,
+        target: webpack,
         changeOrigin: true,
+        ws: true,
       })
     );
+  } else if (webpack !== false) {
+    app.use(express.static("./dist"));
   }
 
   app.get("/health", (req, res) => {
@@ -69,15 +68,19 @@ export default function createAppServer(opts = { port: 3000 }) {
     });
   });
 
-  const server = app.listen(opts.port);
+  if (start) {
+    const server = app.listen(port);
 
-  /* eslint-disable no-console */
-  console.log("Starting in %s mode", NODE_ENV);
-  console.log(
-    "Listening at http://%s:%s",
-    server.address().address === "::" ? "localhost" : server.address().address,
-    server.address().port
-  );
+    /* eslint-disable no-console */
+    console.log("Starting in %s mode", process.env.NODE_ENV);
+    console.log(
+      "Listening at http://%s:%s",
+      server.address().address === "::"
+        ? "localhost"
+        : server.address().address,
+      server.address().port
+    );
+  }
 
   return app;
 }

package/src/formatInput.js

@@ -1,6 +1,9 @@
-import { snakeCase } from "lodash-es";
+import { isArray, snakeCase } from "lodash-es";
 import convertCase from "./convertCase.js";
 
 export default function formatInput(obj) {
+  if (isArray(obj)) {
+    return obj.map((v) => formatInput(v));
+  }
   return convertCase(obj, formatInput, snakeCase);
 }

package/src/formatOutput.js

@@ -1,7 +1,16 @@
-import { camelCase, isArray, isDate } from "lodash-es";
+import {
+  camelCase,
+  isPlainObject,
+  isArray,
+  isDate,
+  isEmpty,
+  omit,
+} from "lodash-es";
 import convertCase from "./convertCase.js";
 
-export default function formatOutput(obj) {
+export default function formatOutput(o, omittedFields = []) {
+  const obj =
+    isPlainObject(o) && !isEmpty(omittedFields) ? omit(o, omittedFields) : o;
   if (isDate(obj)) {
     return obj.toISOString();
   }

package/src/index.js

@@ -1,5 +1,6 @@
-export { default as createAppServer } from "./createAppServer.js";
+export { default as createAppServer, DEFAULTS } from "./createAppServer.js";
 export { default as convertCase } from "./convertCase.js";
 export { default as formatInput } from "./formatInput.js";
 export { default as formatOutput } from "./formatOutput.js";
 export * from "./asyncJsonHandler.js";
+export { default as schemaHandler } from "./schemaHandler.js";

package/src/schemaHandler.js

@@ -0,0 +1,44 @@
+import asyncJsonHandler from "./asyncJsonHandler.js";
+
+export default function schemaHandler(schema, fn) {
+  return async (req, res, next) => {
+    // Validate the input schema
+    try {
+      const value = await schema.validateAsync(req.body, {
+        // False here will not allow keys that are not part of the schema
+        allowUnknown: false,
+        // True here will strip the unknown keys from the returned value
+        stripUnknown: true,
+        // Ensure that all rules are evaluated, by default Joi stops on the first error
+        abortEarly: false,
+        // Customized error messages
+        messages: {
+          "any.invalid": "{{#label}} is invalid",
+          "any.required": "{{#label}} is required",
+          "boolean.base": "{{#label}} must be true or false",
+          "string.empty": "{{#label}} is required",
+          "string.email": "{{#label}} must be a valid email address",
+          "string.min":
+            "{{#label}} must be at least {{#limit}} characters long",
+          "string.max":
+            "{{#label}} cannot be more than {{#limit}} characters long",
+          "number.base": "{{#label}} must be a number",
+          "date.base": "{{#label}} must be a valid date",
+        },
+      });
+
+      // eslint-disable-next-line require-atomic-updates
+      req.body = value;
+
+      // Wrap all of these in our async handler
+      await asyncJsonHandler(fn)(req, res, next);
+    } catch (error) {
+      res.status(400).json({
+        errors: Object.assign.apply(
+          null,
+          error.details.map((d) => ({ [d.path]: d.message }))
+        ),
+      });
+    }
+  };
+}