68 lines
2.3 KiB
JavaScript
68 lines
2.3 KiB
JavaScript
/** This module defines a express.Router() instance
|
|
* - checking Accept-Version header to be 1.0
|
|
* - body-data to be JSON on POST/PUT/PATCH
|
|
* - body to be not empty on POST/PUT/PATCH
|
|
* - Request accepts JSOn as reply content-type
|
|
*
|
|
* @author Johannes Konert
|
|
* @licence CC BY-SA 4.0
|
|
*
|
|
* @module restapi/request-checks
|
|
* @type {Router}
|
|
*/
|
|
|
|
// remember: in modules you have 3 variables given by CommonJS
|
|
// 1.) require() function
|
|
// 2.) module.exports
|
|
// 3.) exports (which is module.exports)
|
|
"use strict";
|
|
|
|
const router = require('express').Router();
|
|
|
|
// API-Version control. We use HTTP Header field Accept-Version instead of URL-part /v1/
|
|
router.use((req, res, next) => {
|
|
// expect the Accept-Version header to be NOT set or being 1.0
|
|
const versionWanted = req.get('Accept-Version');
|
|
if (versionWanted !== undefined && versionWanted !== '1.0') {
|
|
// 406 Accept-* header cannot be fulfilled.
|
|
res.status(406).send('Accept-Version cannot be fulfilled').end();
|
|
} else {
|
|
next(); // all OK, call next handler
|
|
}
|
|
});
|
|
|
|
// request type application/json check
|
|
router.use((req, res, next) => {
|
|
if (['POST', 'PUT', 'PATCH'].indexOf(req.method) > -1 &&
|
|
(!(/multipart\/form-data/.test(req.get('Content-Type'))) &&
|
|
!(/application\/json/.test(req.get('Content-Type'))))) {
|
|
// send error code 415: unsupported media type
|
|
res.status(415).send('wrong Content-Type'); // user has SEND the wrong type
|
|
} else if (!req.accepts('json')) {
|
|
// send 406 that response will be application/json and request does not support it by now as answer
|
|
// user has REQUESTED the wrong type
|
|
res.status(406).send('response of application/json only supported, please accept this');
|
|
}
|
|
else {
|
|
next(); // let this request pass through as it is OK
|
|
}
|
|
});
|
|
|
|
|
|
// request POST, PUT check that any content was send
|
|
router.use((req, res, next) => {
|
|
let err = undefined;
|
|
if (['POST', 'PUT', 'PATCH'].indexOf(req.method) > -1 && parseInt(req.get('Content-Length')) === 0) {
|
|
err = new Error("content in body is missing");
|
|
err.status = 400;
|
|
next(err);
|
|
} else if ('PUT' === req.method && !(req.body.id || req.body._id)) {
|
|
err = new Error("content in body is missing field id");
|
|
err.status = 400;
|
|
next(err);
|
|
}
|
|
next();
|
|
});
|
|
|
|
module.exports = router;
|