express-zod-safe 1.5.4 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -3
- package/dist/index.d.mts +41 -10
- package/dist/index.d.ts +41 -10
- package/dist/index.js +5 -6
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +5 -6
- package/dist/index.mjs.map +1 -1
- package/package.json +7 -7
package/README.md
CHANGED
|
@@ -38,6 +38,8 @@ npm i express-zod-safe
|
|
|
38
38
|
npm i zod express && npm i -D @types/express
|
|
39
39
|
```
|
|
40
40
|
|
|
41
|
+
⚠️ Warning ⚠️: This package is designed to work with Zod `v4.0.0` and above. If you are using Zod `v3.x.x`, you will need to use `express-zod-safe@1.5.4`.
|
|
42
|
+
|
|
41
43
|
## 🛠️ Usage
|
|
42
44
|
|
|
43
45
|
```ts
|
|
@@ -46,6 +48,7 @@ import validate from 'express-zod-safe';
|
|
|
46
48
|
import { z } from 'zod';
|
|
47
49
|
|
|
48
50
|
const app = express();
|
|
51
|
+
app.use(express.json());
|
|
49
52
|
|
|
50
53
|
// Define your Zod schemas
|
|
51
54
|
const params = {
|
|
@@ -70,6 +73,30 @@ app.listen(3000, () => console.log('Server running on port 3000'));
|
|
|
70
73
|
|
|
71
74
|
**Note:** The `validate` middleware must be used **after** any other middleware that parses/modifies the request body, such as `express.json()` or `express.urlencoded()`.
|
|
72
75
|
|
|
76
|
+
### 📄 Using `ValidatedRequest`
|
|
77
|
+
When you want to type the `Request` object outside of route handlers, you can use the `ValidatedRequest` utility to infer the validated types. Pass the same Zod schemas you provide to `validate` and the resulting `Request` type will be narrowed accordingly.
|
|
78
|
+
|
|
79
|
+
```ts
|
|
80
|
+
import type { Response } from 'express';
|
|
81
|
+
import validate, { type ValidatedRequest } from 'express-zod-safe';
|
|
82
|
+
import { z } from 'zod';
|
|
83
|
+
|
|
84
|
+
const bodySchema = z.object({
|
|
85
|
+
title: z.string(),
|
|
86
|
+
description: z.string().max(200)
|
|
87
|
+
});
|
|
88
|
+
|
|
89
|
+
type CreatePostRequest = ValidatedRequest<{ body: typeof bodySchema }>;
|
|
90
|
+
|
|
91
|
+
function createPostHandler(req: CreatePostRequest, res: Response) {
|
|
92
|
+
// req.body.title -> string
|
|
93
|
+
// req.body.description -> string (max length validated by Zod)
|
|
94
|
+
res.json({ message: 'Created!' });
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
app.post('/posts', validate({ body: bodySchema }), createPostHandler);
|
|
98
|
+
```
|
|
99
|
+
|
|
73
100
|
### 📦 Custom Error Handling
|
|
74
101
|
By default, the `validate` middleware will send a 400 Bad Request response with a JSON body containing the error message. However, you can provide your own error handling function to customise the error response.
|
|
75
102
|
|
|
@@ -149,8 +176,8 @@ const body = {
|
|
|
149
176
|
app.post('/user', validate({ body }), (req, res) => {
|
|
150
177
|
// req.body.name -> string
|
|
151
178
|
// req.body.email -> string
|
|
152
|
-
// req.params.age -> Property 'age' does not exist on type
|
|
153
|
-
// req.query.age -> Property 'age' does not exist on type
|
|
179
|
+
// req.params.age -> Property 'age' does not exist on type unknown
|
|
180
|
+
// req.query.age -> Property 'age' does not exist on type unknown
|
|
154
181
|
});
|
|
155
182
|
```
|
|
156
183
|
|
|
@@ -168,7 +195,7 @@ app.post('/user', validate({ body, params }), (req, res) => {
|
|
|
168
195
|
// req.body.name -> string
|
|
169
196
|
// req.body.email -> string
|
|
170
197
|
// req.params.age -> any
|
|
171
|
-
// req.query.age -> Property 'age' does not exist on type
|
|
198
|
+
// req.query.age -> Property 'age' does not exist on type unknown
|
|
172
199
|
});
|
|
173
200
|
```
|
|
174
201
|
|
package/dist/index.d.mts
CHANGED
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
import { Request, Response, NextFunction, RequestHandler } from 'express';
|
|
2
|
-
import {
|
|
2
|
+
import { ZodType, ZodRawShape, ZodError, z } from 'zod';
|
|
3
3
|
|
|
4
4
|
declare const types: readonly ["query", "params", "body"];
|
|
5
|
-
declare const emptyObjectSchema: z.ZodObject<{}, "strict", ZodTypeAny, {}, {}>;
|
|
6
|
-
type EmptyValidationSchema = typeof emptyObjectSchema;
|
|
7
5
|
/**
|
|
8
6
|
* Generates a middleware function for Express.js that validates request params, query, and body.
|
|
9
7
|
* This function uses Zod schemas to perform validation against the provided schema definitions.
|
|
@@ -21,6 +19,7 @@ type EmptyValidationSchema = typeof emptyObjectSchema;
|
|
|
21
19
|
* import { z } from 'zod';
|
|
22
20
|
*
|
|
23
21
|
* const app = express();
|
|
22
|
+
* app.use(express.json());
|
|
24
23
|
*
|
|
25
24
|
* // Define your Zod schemas
|
|
26
25
|
* const params = {
|
|
@@ -42,7 +41,7 @@ type EmptyValidationSchema = typeof emptyObjectSchema;
|
|
|
42
41
|
*
|
|
43
42
|
* app.listen(3000, () => console.log('Server running on port 3000'));
|
|
44
43
|
*/
|
|
45
|
-
declare function validate<TParams extends ValidationSchema
|
|
44
|
+
declare function validate<TParams extends ValidationSchema, TQuery extends ValidationSchema, TBody extends ValidationSchema>(schemas: CompleteValidationSchema<TParams, TQuery, TBody>): RequestHandler<ZodOutput<TParams>, any, ZodOutput<TBody>, ZodOutput<TQuery>>;
|
|
46
45
|
/**
|
|
47
46
|
* Describes the types of data that can be validated: 'query', 'params', or 'body'.
|
|
48
47
|
*/
|
|
@@ -55,15 +54,16 @@ interface ErrorListItem {
|
|
|
55
54
|
type: DataType;
|
|
56
55
|
errors: ZodError;
|
|
57
56
|
}
|
|
57
|
+
type Unvalidated = unknown;
|
|
58
58
|
/**
|
|
59
59
|
* Represents an Express.js error request handler where the params, query and body are of unknown type as validation failed.
|
|
60
60
|
*/
|
|
61
|
-
type ErrorRequestHandler<P =
|
|
61
|
+
type ErrorRequestHandler<P = Unvalidated, ResBody = any, ReqBody = Unvalidated, ReqQuery = unknown, LocalsObj extends Record<string, any> = Record<string, any>> = (err: ErrorListItem[], req: Request<P, ResBody, ReqBody, ReqQuery, LocalsObj>, res: Response<ResBody, LocalsObj>, next: NextFunction) => void | Promise<void>;
|
|
62
62
|
/**
|
|
63
63
|
* Represents a generic type for route validation, which can be applied to params, query, or body.
|
|
64
64
|
* Each key-value pair represents a field and its corresponding Zod validation schema.
|
|
65
65
|
*/
|
|
66
|
-
type ValidationSchema =
|
|
66
|
+
type ValidationSchema = ZodType | ZodRawShape;
|
|
67
67
|
/**
|
|
68
68
|
* Defines the structure for the schemas provided to the validate middleware.
|
|
69
69
|
* Each property corresponds to a different part of the request (params, query, body)
|
|
@@ -73,7 +73,7 @@ type ValidationSchema = ZodTypeAny | ZodRawShape;
|
|
|
73
73
|
* @template TQuery - Type definition for query schema.
|
|
74
74
|
* @template TBody - Type definition for body schema.
|
|
75
75
|
*/
|
|
76
|
-
interface CompleteValidationSchema<TParams extends ValidationSchema =
|
|
76
|
+
interface CompleteValidationSchema<TParams extends ValidationSchema = ValidationSchema, TQuery extends ValidationSchema = ValidationSchema, TBody extends ValidationSchema = ValidationSchema> {
|
|
77
77
|
handler?: ErrorRequestHandler;
|
|
78
78
|
params?: TParams;
|
|
79
79
|
query?: TQuery;
|
|
@@ -86,10 +86,41 @@ interface CompleteValidationSchema<TParams extends ValidationSchema = EmptyValid
|
|
|
86
86
|
*
|
|
87
87
|
* @template T - The validation type (params, query, or body).
|
|
88
88
|
*/
|
|
89
|
-
type ZodOutput<T extends ValidationSchema> = T extends ZodRawShape ? z.ZodObject<T>
|
|
89
|
+
type ZodOutput<T extends ValidationSchema | undefined> = T extends ValidationSchema ? z.output<T extends ZodRawShape ? z.ZodObject<T> : T> : Unvalidated;
|
|
90
90
|
/**
|
|
91
91
|
* A utility type to ensure other middleware types don't conflict with the validate middleware.
|
|
92
92
|
*/
|
|
93
|
-
type WeakRequestHandler = RequestHandler<
|
|
93
|
+
type WeakRequestHandler = RequestHandler<Unvalidated, Unvalidated, Unvalidated, Unvalidated>;
|
|
94
|
+
/**
|
|
95
|
+
* A utility type to ensure the Request is typed correctly.
|
|
96
|
+
* @template T - The validation schema to be applied to the request params, query and body.
|
|
97
|
+
* @example
|
|
98
|
+
* import { ValidatedRequest } from 'express-zod-safe';
|
|
99
|
+
* import { z } from 'zod';
|
|
100
|
+
*
|
|
101
|
+
* const schema = {
|
|
102
|
+
* query: {
|
|
103
|
+
* name: z.string().min(3).max(10),
|
|
104
|
+
* age: z.coerce.number().min(18)
|
|
105
|
+
* },
|
|
106
|
+
* body: {
|
|
107
|
+
* title: z.string().max(4)
|
|
108
|
+
* },
|
|
109
|
+
* params: {
|
|
110
|
+
* id: z.coerce.number()
|
|
111
|
+
* }
|
|
112
|
+
* };
|
|
113
|
+
*
|
|
114
|
+
* const requestHandler = (req: ValidatedRequest<typeof schema>, res: Response) => {
|
|
115
|
+
* const { name, age } = req.query;
|
|
116
|
+
* const { id } = req.params;
|
|
117
|
+
* const { title } = req.body;
|
|
118
|
+
*
|
|
119
|
+
* res.send(`Hello ${title} ${name}! (Your age is ${age} and your ID is ${id})`);
|
|
120
|
+
* };
|
|
121
|
+
*
|
|
122
|
+
* app.post('/handler/:id', validate(schema), requestHandler);
|
|
123
|
+
*/
|
|
124
|
+
type ValidatedRequest<T extends CompleteValidationSchema> = Request<ZodOutput<T['params']>, any, ZodOutput<T['body']>, ZodOutput<T['query']>>;
|
|
94
125
|
|
|
95
|
-
export { type CompleteValidationSchema, type
|
|
126
|
+
export { type CompleteValidationSchema, type ErrorListItem, type ErrorRequestHandler, type Unvalidated, type ValidatedRequest, type ValidationSchema, type WeakRequestHandler, type ZodOutput, validate as default };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,9 +1,7 @@
|
|
|
1
1
|
import { Request, Response, NextFunction, RequestHandler } from 'express';
|
|
2
|
-
import {
|
|
2
|
+
import { ZodType, ZodRawShape, ZodError, z } from 'zod';
|
|
3
3
|
|
|
4
4
|
declare const types: readonly ["query", "params", "body"];
|
|
5
|
-
declare const emptyObjectSchema: z.ZodObject<{}, "strict", ZodTypeAny, {}, {}>;
|
|
6
|
-
type EmptyValidationSchema = typeof emptyObjectSchema;
|
|
7
5
|
/**
|
|
8
6
|
* Generates a middleware function for Express.js that validates request params, query, and body.
|
|
9
7
|
* This function uses Zod schemas to perform validation against the provided schema definitions.
|
|
@@ -21,6 +19,7 @@ type EmptyValidationSchema = typeof emptyObjectSchema;
|
|
|
21
19
|
* import { z } from 'zod';
|
|
22
20
|
*
|
|
23
21
|
* const app = express();
|
|
22
|
+
* app.use(express.json());
|
|
24
23
|
*
|
|
25
24
|
* // Define your Zod schemas
|
|
26
25
|
* const params = {
|
|
@@ -42,7 +41,7 @@ type EmptyValidationSchema = typeof emptyObjectSchema;
|
|
|
42
41
|
*
|
|
43
42
|
* app.listen(3000, () => console.log('Server running on port 3000'));
|
|
44
43
|
*/
|
|
45
|
-
declare function validate<TParams extends ValidationSchema
|
|
44
|
+
declare function validate<TParams extends ValidationSchema, TQuery extends ValidationSchema, TBody extends ValidationSchema>(schemas: CompleteValidationSchema<TParams, TQuery, TBody>): RequestHandler<ZodOutput<TParams>, any, ZodOutput<TBody>, ZodOutput<TQuery>>;
|
|
46
45
|
/**
|
|
47
46
|
* Describes the types of data that can be validated: 'query', 'params', or 'body'.
|
|
48
47
|
*/
|
|
@@ -55,15 +54,16 @@ interface ErrorListItem {
|
|
|
55
54
|
type: DataType;
|
|
56
55
|
errors: ZodError;
|
|
57
56
|
}
|
|
57
|
+
type Unvalidated = unknown;
|
|
58
58
|
/**
|
|
59
59
|
* Represents an Express.js error request handler where the params, query and body are of unknown type as validation failed.
|
|
60
60
|
*/
|
|
61
|
-
type ErrorRequestHandler<P =
|
|
61
|
+
type ErrorRequestHandler<P = Unvalidated, ResBody = any, ReqBody = Unvalidated, ReqQuery = unknown, LocalsObj extends Record<string, any> = Record<string, any>> = (err: ErrorListItem[], req: Request<P, ResBody, ReqBody, ReqQuery, LocalsObj>, res: Response<ResBody, LocalsObj>, next: NextFunction) => void | Promise<void>;
|
|
62
62
|
/**
|
|
63
63
|
* Represents a generic type for route validation, which can be applied to params, query, or body.
|
|
64
64
|
* Each key-value pair represents a field and its corresponding Zod validation schema.
|
|
65
65
|
*/
|
|
66
|
-
type ValidationSchema =
|
|
66
|
+
type ValidationSchema = ZodType | ZodRawShape;
|
|
67
67
|
/**
|
|
68
68
|
* Defines the structure for the schemas provided to the validate middleware.
|
|
69
69
|
* Each property corresponds to a different part of the request (params, query, body)
|
|
@@ -73,7 +73,7 @@ type ValidationSchema = ZodTypeAny | ZodRawShape;
|
|
|
73
73
|
* @template TQuery - Type definition for query schema.
|
|
74
74
|
* @template TBody - Type definition for body schema.
|
|
75
75
|
*/
|
|
76
|
-
interface CompleteValidationSchema<TParams extends ValidationSchema =
|
|
76
|
+
interface CompleteValidationSchema<TParams extends ValidationSchema = ValidationSchema, TQuery extends ValidationSchema = ValidationSchema, TBody extends ValidationSchema = ValidationSchema> {
|
|
77
77
|
handler?: ErrorRequestHandler;
|
|
78
78
|
params?: TParams;
|
|
79
79
|
query?: TQuery;
|
|
@@ -86,12 +86,43 @@ interface CompleteValidationSchema<TParams extends ValidationSchema = EmptyValid
|
|
|
86
86
|
*
|
|
87
87
|
* @template T - The validation type (params, query, or body).
|
|
88
88
|
*/
|
|
89
|
-
type ZodOutput<T extends ValidationSchema> = T extends ZodRawShape ? z.ZodObject<T>
|
|
89
|
+
type ZodOutput<T extends ValidationSchema | undefined> = T extends ValidationSchema ? z.output<T extends ZodRawShape ? z.ZodObject<T> : T> : Unvalidated;
|
|
90
90
|
/**
|
|
91
91
|
* A utility type to ensure other middleware types don't conflict with the validate middleware.
|
|
92
92
|
*/
|
|
93
|
-
type WeakRequestHandler = RequestHandler<
|
|
93
|
+
type WeakRequestHandler = RequestHandler<Unvalidated, Unvalidated, Unvalidated, Unvalidated>;
|
|
94
|
+
/**
|
|
95
|
+
* A utility type to ensure the Request is typed correctly.
|
|
96
|
+
* @template T - The validation schema to be applied to the request params, query and body.
|
|
97
|
+
* @example
|
|
98
|
+
* import { ValidatedRequest } from 'express-zod-safe';
|
|
99
|
+
* import { z } from 'zod';
|
|
100
|
+
*
|
|
101
|
+
* const schema = {
|
|
102
|
+
* query: {
|
|
103
|
+
* name: z.string().min(3).max(10),
|
|
104
|
+
* age: z.coerce.number().min(18)
|
|
105
|
+
* },
|
|
106
|
+
* body: {
|
|
107
|
+
* title: z.string().max(4)
|
|
108
|
+
* },
|
|
109
|
+
* params: {
|
|
110
|
+
* id: z.coerce.number()
|
|
111
|
+
* }
|
|
112
|
+
* };
|
|
113
|
+
*
|
|
114
|
+
* const requestHandler = (req: ValidatedRequest<typeof schema>, res: Response) => {
|
|
115
|
+
* const { name, age } = req.query;
|
|
116
|
+
* const { id } = req.params;
|
|
117
|
+
* const { title } = req.body;
|
|
118
|
+
*
|
|
119
|
+
* res.send(`Hello ${title} ${name}! (Your age is ${age} and your ID is ${id})`);
|
|
120
|
+
* };
|
|
121
|
+
*
|
|
122
|
+
* app.post('/handler/:id', validate(schema), requestHandler);
|
|
123
|
+
*/
|
|
124
|
+
type ValidatedRequest<T extends CompleteValidationSchema> = Request<ZodOutput<T['params']>, any, ZodOutput<T['body']>, ZodOutput<T['query']>>;
|
|
94
125
|
|
|
95
126
|
// @ts-ignore
|
|
96
127
|
export = validate;
|
|
97
|
-
export type { CompleteValidationSchema,
|
|
128
|
+
export type { CompleteValidationSchema, ErrorListItem, ErrorRequestHandler, Unvalidated, ValidatedRequest, ValidationSchema, WeakRequestHandler, ZodOutput };
|
package/dist/index.js
CHANGED
|
@@ -2,8 +2,7 @@
|
|
|
2
2
|
var _express = require('express'); var _express2 = _interopRequireDefault(_express);
|
|
3
3
|
var _zod = require('zod');
|
|
4
4
|
var types = ["query", "params", "body"];
|
|
5
|
-
|
|
6
|
-
function isZodSchema(schema) {
|
|
5
|
+
function isZodType(schema) {
|
|
7
6
|
return !!schema && typeof schema.safeParseAsync === "function";
|
|
8
7
|
}
|
|
9
8
|
var descriptor = Object.getOwnPropertyDescriptor(_express2.default.request, "query");
|
|
@@ -22,9 +21,9 @@ if (descriptor) {
|
|
|
22
21
|
}
|
|
23
22
|
function validate(schemas) {
|
|
24
23
|
const validation = {
|
|
25
|
-
params:
|
|
26
|
-
query:
|
|
27
|
-
body:
|
|
24
|
+
params: isZodType(schemas.params) ? schemas.params : _zod.z.strictObject(_nullishCoalesce(schemas.params, () => ( {}))),
|
|
25
|
+
query: isZodType(schemas.query) ? schemas.query : _zod.z.strictObject(_nullishCoalesce(schemas.query, () => ( {}))),
|
|
26
|
+
body: isZodType(schemas.body) ? schemas.body : _zod.z.strictObject(_nullishCoalesce(schemas.body, () => ( {})))
|
|
28
27
|
};
|
|
29
28
|
return async (req, res, next) => {
|
|
30
29
|
const errors = [];
|
|
@@ -35,7 +34,7 @@ function validate(schemas) {
|
|
|
35
34
|
}
|
|
36
35
|
if (errors.length > 0) {
|
|
37
36
|
if (schemas.handler) return schemas.handler(errors, req, res, next);
|
|
38
|
-
res.status(400).send(errors.map((error) => ({ type: error.type, errors: error.errors })));
|
|
37
|
+
res.status(400).send(errors.map((error) => ({ type: error.type, errors: error.errors.issues })));
|
|
39
38
|
return;
|
|
40
39
|
}
|
|
41
40
|
return next();
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["/home/runner/work/express-zod-safe/express-zod-safe/dist/index.js","../src/index.ts"],"names":[],"mappings":"AAAA;ACEA,oFAAoB;AACpB,
|
|
1
|
+
{"version":3,"sources":["/home/runner/work/express-zod-safe/express-zod-safe/dist/index.js","../src/index.ts"],"names":[],"mappings":"AAAA;ACEA,oFAAoB;AACpB,0BAAiE;AAEjE,IAAM,MAAA,EAAQ,CAAC,OAAA,EAAS,QAAA,EAAU,MAAM,CAAA;AAOxC,SAAS,SAAA,CAAU,MAAA,EAAoC;AACtD,EAAA,OAAO,CAAC,CAAC,OAAA,GAAU,OAAQ,MAAA,CAAmB,eAAA,IAAmB,UAAA;AAClE;AAGA,IAAM,WAAA,EAAa,MAAA,CAAO,wBAAA,CAAyB,iBAAA,CAAQ,OAAA,EAAS,OAAO,CAAA;AAC3E,GAAA,CAAI,UAAA,EAAY;AACf,EAAA,MAAA,CAAO,cAAA,CAAe,iBAAA,CAAQ,OAAA,EAAS,OAAA,EAAS;AAAA,IAC/C,GAAA,CAAA,EAAmB;AAClB,MAAA,GAAA,CAAI,MAAA,CAAO,MAAA,CAAO,IAAA,EAAM,QAAQ,CAAA,EAAG,OAAO,IAAA,CAAK,MAAA;AAC/C,MAAA,uBAAO,UAAA,2BAAY,GAAA,6BAAK,IAAA,mBAAK,IAAI,GAAA;AAAA,IAClC,CAAA;AAAA,IACA,GAAA,CAAmB,KAAA,EAAgB;AAClC,MAAA,IAAA,CAAK,OAAA,EAAS,KAAA;AAAA,IACf,CAAA;AAAA,IACA,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY;AAAA,EACb,CAAC,CAAA;AACF;AAyCe,SAAR,QAAA,CACN,OAAA,EAC+E;AAE/E,EAAA,MAAM,WAAA,EAAa;AAAA,IAClB,MAAA,EAAQ,SAAA,CAAU,OAAA,CAAQ,MAAM,EAAA,EAAI,OAAA,CAAQ,OAAA,EAAS,MAAA,CAAE,YAAA,kBAAa,OAAA,CAAQ,MAAA,UAAU,CAAC,GAAC,CAAA;AAAA,IACxF,KAAA,EAAO,SAAA,CAAU,OAAA,CAAQ,KAAK,EAAA,EAAI,OAAA,CAAQ,MAAA,EAAQ,MAAA,CAAE,YAAA,kBAAa,OAAA,CAAQ,KAAA,UAAS,CAAC,GAAC,CAAA;AAAA,IACpF,IAAA,EAAM,SAAA,CAAU,OAAA,CAAQ,IAAI,EAAA,EAAI,OAAA,CAAQ,KAAA,EAAO,MAAA,CAAE,YAAA,kBAAa,OAAA,CAAQ,IAAA,UAAQ,CAAC,GAAC;AAAA,EACjF,CAAA;AAEA,EAAA,OAAO,MAAA,CAAO,GAAA,EAAK,GAAA,EAAK,IAAA,EAAA,GAAwB;AAC/C,IAAA,MAAM,OAAA,EAA0B,CAAC,CAAA;AAGjC,IAAA,IAAA,CAAA,MAAW,KAAA,GAAQ,KAAA,EAAO;AACzB,MAAA,MAAM,OAAA,EAAS,MAAM,UAAA,CAAW,IAAI,CAAA,CAAE,cAAA,kBAAe,GAAA,CAAI,IAAI,CAAA,UAAK,CAAC,GAAC,CAAA;AACpE,MAAA,GAAA,CAAI,MAAA,CAAO,OAAA,EAAS,GAAA,CAAI,IAAI,EAAA,EAAI,MAAA,CAAO,IAAA;AAAA,MAAA,KAClC,MAAA,CAAO,IAAA,CAAK,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAA,CAAO,MAAM,CAAC,CAAA;AAAA,IAChD;AAGA,IAAA,GAAA,CAAI,MAAA,CAAO,OAAA,EAAS,CAAA,EAAG;AAEtB,MAAA,GAAA,CAAI,OAAA,CAAQ,OAAA,EAAS,OAAO,OAAA,CAAQ,OAAA,CAAQ,MAAA,EAAQ,GAAA,EAAK,GAAA,EAAK,IAAI,CAAA;AAClE,MAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,CAAA,KAAA,EAAA,GAAA,CAAU,EAAE,IAAA,EAAM,KAAA,CAAM,IAAA,EAAM,MAAA,EAAQ,KAAA,CAAM,MAAA,CAAO,OAAO,CAAA,CAAE,CAAC,CAAA;AAC7F,MAAA,MAAA;AAAA,IACD;AAEA,IAAA,OAAO,IAAA,CAAK,CAAA;AAAA,EACb,CAAA;AACD;AD3DA;AACE;AACF,2BAAA","file":"/home/runner/work/express-zod-safe/express-zod-safe/dist/index.js","sourcesContent":[null,"/// <reference types=\"./express.d.ts\" />\nimport type { NextFunction, Request, RequestHandler, Response } from 'express';\nimport express from 'express';\nimport { type ZodError, type ZodRawShape, type ZodType, z } from 'zod';\n\nconst types = ['query', 'params', 'body'] as const;\n\n/**\n * A ZodType type guard.\n * @param schema The Zod schema to check.\n * @returns Whether the provided schema is a ZodType.\n */\nfunction isZodType(schema: unknown): schema is ZodType {\n\treturn !!schema && typeof (schema as ZodType).safeParseAsync === 'function';\n}\n\n// Override express@^5 request.query getter to provider setter\nconst descriptor = Object.getOwnPropertyDescriptor(express.request, 'query');\nif (descriptor) {\n\tObject.defineProperty(express.request, 'query', {\n\t\tget(this: Request) {\n\t\t\tif (Object.hasOwn(this, '_query')) return this._query;\n\t\t\treturn descriptor?.get?.call(this);\n\t\t},\n\t\tset(this: Request, query: unknown) {\n\t\t\tthis._query = query;\n\t\t},\n\t\tconfigurable: true,\n\t\tenumerable: true\n\t});\n}\n\n/**\n * Generates a middleware function for Express.js that validates request params, query, and body.\n * This function uses Zod schemas to perform validation against the provided schema definitions.\n *\n * @param schemas - An object containing Zod schemas for params, query, and body. Optional handler for custom error handling.\n * @returns An Express.js middleware function that validates the request based on the provided schemas.\n * It attaches validated data to the request object and sends error details if validation fails.\n * @template TParams - Type definition for params schema.\n * @template TQuery - Type definition for query schema.\n * @template TBody - Type definition for body schema.\n * @example\n * // Example usage in an Express.js route\n * import express from 'express';\n * import validate from 'express-zod-safe';\n * import { z } from 'zod';\n *\n * const app = express();\n * app.use(express.json());\n *\n * // Define your Zod schemas\n * const params = {\n * userId: z.string().uuid(),\n * };\n * const query = {\n * age: z.coerce.number().optional(),\n * };\n * const body = {\n * name: z.string(),\n * email: z.string().email(),\n * };\n *\n * // Use the validate middleware in your route\n * app.post('/user/:userId', validate({ params, query, body }), (req, res) => {\n * // Your route logic here\n * res.send('User data is valid!');\n * });\n *\n * app.listen(3000, () => console.log('Server running on port 3000'));\n */\nexport default function validate<TParams extends ValidationSchema, TQuery extends ValidationSchema, TBody extends ValidationSchema>(\n\tschemas: CompleteValidationSchema<TParams, TQuery, TBody>\n): RequestHandler<ZodOutput<TParams>, any, ZodOutput<TBody>, ZodOutput<TQuery>> {\n\t// Create validation objects for each type\n\tconst validation = {\n\t\tparams: isZodType(schemas.params) ? schemas.params : z.strictObject(schemas.params ?? {}),\n\t\tquery: isZodType(schemas.query) ? schemas.query : z.strictObject(schemas.query ?? {}),\n\t\tbody: isZodType(schemas.body) ? schemas.body : z.strictObject(schemas.body ?? {})\n\t};\n\n\treturn async (req, res, next): Promise<void> => {\n\t\tconst errors: ErrorListItem[] = [];\n\n\t\t// Validate all types (params, query, body)\n\t\tfor (const type of types) {\n\t\t\tconst parsed = await validation[type].safeParseAsync(req[type] ?? {});\n\t\t\tif (parsed.success) req[type] = parsed.data as any;\n\t\t\telse errors.push({ type, errors: parsed.error });\n\t\t}\n\n\t\t// Return all errors if there are any\n\t\tif (errors.length > 0) {\n\t\t\t// If a custom error handler is provided, use it\n\t\t\tif (schemas.handler) return schemas.handler(errors, req, res, next);\n\t\t\tres.status(400).send(errors.map(error => ({ type: error.type, errors: error.errors.issues })));\n\t\t\treturn;\n\t\t}\n\n\t\treturn next();\n\t};\n}\n\n/**\n * Describes the types of data that can be validated: 'query', 'params', or 'body'.\n */\ntype DataType = (typeof types)[number];\n\n/**\n * Defines the structure of an error item, containing the type of validation that failed (params, query, or body)\n * and the associated ZodError.\n */\nexport interface ErrorListItem {\n\ttype: DataType;\n\terrors: ZodError;\n}\n\nexport type Unvalidated = unknown;\n\n/**\n * Represents an Express.js error request handler where the params, query and body are of unknown type as validation failed.\n */\nexport type ErrorRequestHandler<\n\tP = Unvalidated,\n\tResBody = any,\n\tReqBody = Unvalidated,\n\tReqQuery = unknown,\n\tLocalsObj extends Record<string, any> = Record<string, any>\n> = (\n\terr: ErrorListItem[],\n\treq: Request<P, ResBody, ReqBody, ReqQuery, LocalsObj>,\n\tres: Response<ResBody, LocalsObj>,\n\tnext: NextFunction\n) => void | Promise<void>;\n\n/**\n * Represents a generic type for route validation, which can be applied to params, query, or body.\n * Each key-value pair represents a field and its corresponding Zod validation schema.\n */\nexport type ValidationSchema = ZodType | ZodRawShape;\n\n/**\n * Defines the structure for the schemas provided to the validate middleware.\n * Each property corresponds to a different part of the request (params, query, body)\n * and should be a record of Zod types for validation. Optional handler for custom error handling.\n *\n * @template TParams - Type definition for params schema.\n * @template TQuery - Type definition for query schema.\n * @template TBody - Type definition for body schema.\n */\nexport interface CompleteValidationSchema<\n\tTParams extends ValidationSchema = ValidationSchema,\n\tTQuery extends ValidationSchema = ValidationSchema,\n\tTBody extends ValidationSchema = ValidationSchema\n> {\n\thandler?: ErrorRequestHandler;\n\tparams?: TParams;\n\tquery?: TQuery;\n\tbody?: TBody;\n}\n\n/**\n * Represents the output type of a Zod validation schema.\n * This is used to infer the TypeScript type from a Zod schema,\n * providing typesafe access to the validated data.\n *\n * @template T - The validation type (params, query, or body).\n */\nexport type ZodOutput<T extends ValidationSchema | undefined> = T extends ValidationSchema\n\t? z.output<T extends ZodRawShape ? z.ZodObject<T> : T>\n\t: Unvalidated;\n\n/**\n * A utility type to ensure other middleware types don't conflict with the validate middleware.\n */\nexport type WeakRequestHandler = RequestHandler<Unvalidated, Unvalidated, Unvalidated, Unvalidated>;\n\n/**\n * A utility type to ensure the Request is typed correctly.\n * @template T - The validation schema to be applied to the request params, query and body.\n * @example\n * import { ValidatedRequest } from 'express-zod-safe';\n * import { z } from 'zod';\n *\n * const schema = {\n * \tquery: {\n * \t\tname: z.string().min(3).max(10),\n * \t\tage: z.coerce.number().min(18)\n * \t},\n * \tbody: {\n * \t\ttitle: z.string().max(4)\n * \t},\n * \tparams: {\n * \t\tid: z.coerce.number()\n * \t}\n * };\n *\n * const requestHandler = (req: ValidatedRequest<typeof schema>, res: Response) => {\n * \tconst { name, age } = req.query;\n * \tconst { id } = req.params;\n * const { title } = req.body;\n *\n * \tres.send(`Hello ${title} ${name}! (Your age is ${age} and your ID is ${id})`);\n * };\n *\n * app.post('/handler/:id', validate(schema), requestHandler);\n */\nexport type ValidatedRequest<T extends CompleteValidationSchema> = Request<\n\tZodOutput<T['params']>,\n\tany,\n\tZodOutput<T['body']>,\n\tZodOutput<T['query']>\n>;\n"]}
|
package/dist/index.mjs
CHANGED
|
@@ -2,8 +2,7 @@
|
|
|
2
2
|
import express from "express";
|
|
3
3
|
import { z } from "zod";
|
|
4
4
|
var types = ["query", "params", "body"];
|
|
5
|
-
|
|
6
|
-
function isZodSchema(schema) {
|
|
5
|
+
function isZodType(schema) {
|
|
7
6
|
return !!schema && typeof schema.safeParseAsync === "function";
|
|
8
7
|
}
|
|
9
8
|
var descriptor = Object.getOwnPropertyDescriptor(express.request, "query");
|
|
@@ -22,9 +21,9 @@ if (descriptor) {
|
|
|
22
21
|
}
|
|
23
22
|
function validate(schemas) {
|
|
24
23
|
const validation = {
|
|
25
|
-
params:
|
|
26
|
-
query:
|
|
27
|
-
body:
|
|
24
|
+
params: isZodType(schemas.params) ? schemas.params : z.strictObject(schemas.params ?? {}),
|
|
25
|
+
query: isZodType(schemas.query) ? schemas.query : z.strictObject(schemas.query ?? {}),
|
|
26
|
+
body: isZodType(schemas.body) ? schemas.body : z.strictObject(schemas.body ?? {})
|
|
28
27
|
};
|
|
29
28
|
return async (req, res, next) => {
|
|
30
29
|
const errors = [];
|
|
@@ -35,7 +34,7 @@ function validate(schemas) {
|
|
|
35
34
|
}
|
|
36
35
|
if (errors.length > 0) {
|
|
37
36
|
if (schemas.handler) return schemas.handler(errors, req, res, next);
|
|
38
|
-
res.status(400).send(errors.map((error) => ({ type: error.type, errors: error.errors })));
|
|
37
|
+
res.status(400).send(errors.map((error) => ({ type: error.type, errors: error.errors.issues })));
|
|
39
38
|
return;
|
|
40
39
|
}
|
|
41
40
|
return next();
|
package/dist/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["/// <reference types=\"./express.d.ts\" />\nimport type { NextFunction, Request, RequestHandler, Response } from 'express';\nimport express from 'express';\nimport { type ZodError, type ZodRawShape, type
|
|
1
|
+
{"version":3,"sources":["../src/index.ts"],"sourcesContent":["/// <reference types=\"./express.d.ts\" />\nimport type { NextFunction, Request, RequestHandler, Response } from 'express';\nimport express from 'express';\nimport { type ZodError, type ZodRawShape, type ZodType, z } from 'zod';\n\nconst types = ['query', 'params', 'body'] as const;\n\n/**\n * A ZodType type guard.\n * @param schema The Zod schema to check.\n * @returns Whether the provided schema is a ZodType.\n */\nfunction isZodType(schema: unknown): schema is ZodType {\n\treturn !!schema && typeof (schema as ZodType).safeParseAsync === 'function';\n}\n\n// Override express@^5 request.query getter to provider setter\nconst descriptor = Object.getOwnPropertyDescriptor(express.request, 'query');\nif (descriptor) {\n\tObject.defineProperty(express.request, 'query', {\n\t\tget(this: Request) {\n\t\t\tif (Object.hasOwn(this, '_query')) return this._query;\n\t\t\treturn descriptor?.get?.call(this);\n\t\t},\n\t\tset(this: Request, query: unknown) {\n\t\t\tthis._query = query;\n\t\t},\n\t\tconfigurable: true,\n\t\tenumerable: true\n\t});\n}\n\n/**\n * Generates a middleware function for Express.js that validates request params, query, and body.\n * This function uses Zod schemas to perform validation against the provided schema definitions.\n *\n * @param schemas - An object containing Zod schemas for params, query, and body. Optional handler for custom error handling.\n * @returns An Express.js middleware function that validates the request based on the provided schemas.\n * It attaches validated data to the request object and sends error details if validation fails.\n * @template TParams - Type definition for params schema.\n * @template TQuery - Type definition for query schema.\n * @template TBody - Type definition for body schema.\n * @example\n * // Example usage in an Express.js route\n * import express from 'express';\n * import validate from 'express-zod-safe';\n * import { z } from 'zod';\n *\n * const app = express();\n * app.use(express.json());\n *\n * // Define your Zod schemas\n * const params = {\n * userId: z.string().uuid(),\n * };\n * const query = {\n * age: z.coerce.number().optional(),\n * };\n * const body = {\n * name: z.string(),\n * email: z.string().email(),\n * };\n *\n * // Use the validate middleware in your route\n * app.post('/user/:userId', validate({ params, query, body }), (req, res) => {\n * // Your route logic here\n * res.send('User data is valid!');\n * });\n *\n * app.listen(3000, () => console.log('Server running on port 3000'));\n */\nexport default function validate<TParams extends ValidationSchema, TQuery extends ValidationSchema, TBody extends ValidationSchema>(\n\tschemas: CompleteValidationSchema<TParams, TQuery, TBody>\n): RequestHandler<ZodOutput<TParams>, any, ZodOutput<TBody>, ZodOutput<TQuery>> {\n\t// Create validation objects for each type\n\tconst validation = {\n\t\tparams: isZodType(schemas.params) ? schemas.params : z.strictObject(schemas.params ?? {}),\n\t\tquery: isZodType(schemas.query) ? schemas.query : z.strictObject(schemas.query ?? {}),\n\t\tbody: isZodType(schemas.body) ? schemas.body : z.strictObject(schemas.body ?? {})\n\t};\n\n\treturn async (req, res, next): Promise<void> => {\n\t\tconst errors: ErrorListItem[] = [];\n\n\t\t// Validate all types (params, query, body)\n\t\tfor (const type of types) {\n\t\t\tconst parsed = await validation[type].safeParseAsync(req[type] ?? {});\n\t\t\tif (parsed.success) req[type] = parsed.data as any;\n\t\t\telse errors.push({ type, errors: parsed.error });\n\t\t}\n\n\t\t// Return all errors if there are any\n\t\tif (errors.length > 0) {\n\t\t\t// If a custom error handler is provided, use it\n\t\t\tif (schemas.handler) return schemas.handler(errors, req, res, next);\n\t\t\tres.status(400).send(errors.map(error => ({ type: error.type, errors: error.errors.issues })));\n\t\t\treturn;\n\t\t}\n\n\t\treturn next();\n\t};\n}\n\n/**\n * Describes the types of data that can be validated: 'query', 'params', or 'body'.\n */\ntype DataType = (typeof types)[number];\n\n/**\n * Defines the structure of an error item, containing the type of validation that failed (params, query, or body)\n * and the associated ZodError.\n */\nexport interface ErrorListItem {\n\ttype: DataType;\n\terrors: ZodError;\n}\n\nexport type Unvalidated = unknown;\n\n/**\n * Represents an Express.js error request handler where the params, query and body are of unknown type as validation failed.\n */\nexport type ErrorRequestHandler<\n\tP = Unvalidated,\n\tResBody = any,\n\tReqBody = Unvalidated,\n\tReqQuery = unknown,\n\tLocalsObj extends Record<string, any> = Record<string, any>\n> = (\n\terr: ErrorListItem[],\n\treq: Request<P, ResBody, ReqBody, ReqQuery, LocalsObj>,\n\tres: Response<ResBody, LocalsObj>,\n\tnext: NextFunction\n) => void | Promise<void>;\n\n/**\n * Represents a generic type for route validation, which can be applied to params, query, or body.\n * Each key-value pair represents a field and its corresponding Zod validation schema.\n */\nexport type ValidationSchema = ZodType | ZodRawShape;\n\n/**\n * Defines the structure for the schemas provided to the validate middleware.\n * Each property corresponds to a different part of the request (params, query, body)\n * and should be a record of Zod types for validation. Optional handler for custom error handling.\n *\n * @template TParams - Type definition for params schema.\n * @template TQuery - Type definition for query schema.\n * @template TBody - Type definition for body schema.\n */\nexport interface CompleteValidationSchema<\n\tTParams extends ValidationSchema = ValidationSchema,\n\tTQuery extends ValidationSchema = ValidationSchema,\n\tTBody extends ValidationSchema = ValidationSchema\n> {\n\thandler?: ErrorRequestHandler;\n\tparams?: TParams;\n\tquery?: TQuery;\n\tbody?: TBody;\n}\n\n/**\n * Represents the output type of a Zod validation schema.\n * This is used to infer the TypeScript type from a Zod schema,\n * providing typesafe access to the validated data.\n *\n * @template T - The validation type (params, query, or body).\n */\nexport type ZodOutput<T extends ValidationSchema | undefined> = T extends ValidationSchema\n\t? z.output<T extends ZodRawShape ? z.ZodObject<T> : T>\n\t: Unvalidated;\n\n/**\n * A utility type to ensure other middleware types don't conflict with the validate middleware.\n */\nexport type WeakRequestHandler = RequestHandler<Unvalidated, Unvalidated, Unvalidated, Unvalidated>;\n\n/**\n * A utility type to ensure the Request is typed correctly.\n * @template T - The validation schema to be applied to the request params, query and body.\n * @example\n * import { ValidatedRequest } from 'express-zod-safe';\n * import { z } from 'zod';\n *\n * const schema = {\n * \tquery: {\n * \t\tname: z.string().min(3).max(10),\n * \t\tage: z.coerce.number().min(18)\n * \t},\n * \tbody: {\n * \t\ttitle: z.string().max(4)\n * \t},\n * \tparams: {\n * \t\tid: z.coerce.number()\n * \t}\n * };\n *\n * const requestHandler = (req: ValidatedRequest<typeof schema>, res: Response) => {\n * \tconst { name, age } = req.query;\n * \tconst { id } = req.params;\n * const { title } = req.body;\n *\n * \tres.send(`Hello ${title} ${name}! (Your age is ${age} and your ID is ${id})`);\n * };\n *\n * app.post('/handler/:id', validate(schema), requestHandler);\n */\nexport type ValidatedRequest<T extends CompleteValidationSchema> = Request<\n\tZodOutput<T['params']>,\n\tany,\n\tZodOutput<T['body']>,\n\tZodOutput<T['query']>\n>;\n"],"mappings":";AAEA,OAAO,aAAa;AACpB,SAAwD,SAAS;AAEjE,IAAM,QAAQ,CAAC,SAAS,UAAU,MAAM;AAOxC,SAAS,UAAU,QAAoC;AACtD,SAAO,CAAC,CAAC,UAAU,OAAQ,OAAmB,mBAAmB;AAClE;AAGA,IAAM,aAAa,OAAO,yBAAyB,QAAQ,SAAS,OAAO;AAC3E,IAAI,YAAY;AACf,SAAO,eAAe,QAAQ,SAAS,SAAS;AAAA,IAC/C,MAAmB;AAClB,UAAI,OAAO,OAAO,MAAM,QAAQ,EAAG,QAAO,KAAK;AAC/C,aAAO,YAAY,KAAK,KAAK,IAAI;AAAA,IAClC;AAAA,IACA,IAAmB,OAAgB;AAClC,WAAK,SAAS;AAAA,IACf;AAAA,IACA,cAAc;AAAA,IACd,YAAY;AAAA,EACb,CAAC;AACF;AAyCe,SAAR,SACN,SAC+E;AAE/E,QAAM,aAAa;AAAA,IAClB,QAAQ,UAAU,QAAQ,MAAM,IAAI,QAAQ,SAAS,EAAE,aAAa,QAAQ,UAAU,CAAC,CAAC;AAAA,IACxF,OAAO,UAAU,QAAQ,KAAK,IAAI,QAAQ,QAAQ,EAAE,aAAa,QAAQ,SAAS,CAAC,CAAC;AAAA,IACpF,MAAM,UAAU,QAAQ,IAAI,IAAI,QAAQ,OAAO,EAAE,aAAa,QAAQ,QAAQ,CAAC,CAAC;AAAA,EACjF;AAEA,SAAO,OAAO,KAAK,KAAK,SAAwB;AAC/C,UAAM,SAA0B,CAAC;AAGjC,eAAW,QAAQ,OAAO;AACzB,YAAM,SAAS,MAAM,WAAW,IAAI,EAAE,eAAe,IAAI,IAAI,KAAK,CAAC,CAAC;AACpE,UAAI,OAAO,QAAS,KAAI,IAAI,IAAI,OAAO;AAAA,UAClC,QAAO,KAAK,EAAE,MAAM,QAAQ,OAAO,MAAM,CAAC;AAAA,IAChD;AAGA,QAAI,OAAO,SAAS,GAAG;AAEtB,UAAI,QAAQ,QAAS,QAAO,QAAQ,QAAQ,QAAQ,KAAK,KAAK,IAAI;AAClE,UAAI,OAAO,GAAG,EAAE,KAAK,OAAO,IAAI,YAAU,EAAE,MAAM,MAAM,MAAM,QAAQ,MAAM,OAAO,OAAO,EAAE,CAAC;AAC7F;AAAA,IACD;AAEA,WAAO,KAAK;AAAA,EACb;AACD;","names":[]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "express-zod-safe",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.0.0",
|
|
4
4
|
"description": "TypeScript-friendly middleware designed for Express applications, leveraging the robustness of Zod schemas to validate incoming request bodies, parameters, and queries.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.mjs",
|
|
@@ -40,19 +40,19 @@
|
|
|
40
40
|
},
|
|
41
41
|
"homepage": "https://github.com/AngaBlue/express-zod-safe#readme",
|
|
42
42
|
"devDependencies": {
|
|
43
|
-
"@angablue/biome-config": "^1.0
|
|
44
|
-
"@biomejs/biome": "^1.
|
|
45
|
-
"@types/node": "^
|
|
43
|
+
"@angablue/biome-config": "^1.1.0",
|
|
44
|
+
"@biomejs/biome": "^2.1.2",
|
|
45
|
+
"@types/node": "^24.1.0",
|
|
46
46
|
"tsup": "^8.5.0",
|
|
47
47
|
"typescript": "^5.8.3",
|
|
48
|
-
"zod": "^
|
|
48
|
+
"zod": "^4.0.10"
|
|
49
49
|
},
|
|
50
50
|
"peerDependencies": {
|
|
51
51
|
"@types/express": "^4.0.0 || ^5.0.0",
|
|
52
52
|
"express": "^4.0.0 || ^5.0.0",
|
|
53
|
-
"zod": "^
|
|
53
|
+
"zod": "^4.0.0"
|
|
54
54
|
},
|
|
55
|
-
"packageManager": "pnpm@10.
|
|
55
|
+
"packageManager": "pnpm@10.17.0",
|
|
56
56
|
"scripts": {
|
|
57
57
|
"build": "tsup",
|
|
58
58
|
"lint": "biome check --fix",
|