How to use the @foal/core.ValidateBody function in @foal/core
To help you get started, we’ve selected a few @foal/core examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
FoalTS / foal / packages / acceptance-tests / src / examples / validation-and-sanitization.spec.ts View on Github 
describe('Validation & Sanitization of HTTP Requests', () => {
// Test compilation
// tslint:disable-next-line:no-unused-variable
class MyController {
@Post('/user')
@ValidateBody({
additionalProperties: false,
properties: {
firstName: { type: 'string' },
lastName: { type: 'string' },
},
required: [ 'firstName', 'lastName' ],
type: 'object'
})
postUser(ctx: Context) {
// In this method we are sure that firstName and lastName
// are defined thanks to the above hook.
console.log(
ctx.request.body.firstName, ctx.request.body.lastName
);
return new HttpResponseOK();
}@TokenRequired({
cookie: true,
store: TypeORMStore,
// Make ctx.user be an instance of User.
user: fetchUser(User),
})
export class ApiController {
@Get('/todos')
async getTodos(ctx: Context) {
const todos = await getRepository(Todo).find({ owner: ctx.user });
return new HttpResponseOK(todos);
}
@Post('/todos')
@ValidateBody({
// The body request should be an object once parsed by the framework.
// Every additional properties that are not defined in the "properties"
// object should be removed.
additionalProperties: false,
properties: {
// The "text" property of ctx.request.body should be a string if it exists.
text: { type: 'string' }
},
// The property "text" is required.
required: [ 'text' ],
type: 'object',
})
async postTodo(ctx: Context) {
// Create a new todo with the body of the HTTP request.
const todo = new Todo();
todo.text = ctx.request.body.text;ValidateBody, ValidatePathParam
} from '@foal/core';
import { getRepository } from 'typeorm';
import { Todo } from '../entities';
export class ApiController {
@Get('/todos')
async getTodos() {
const todos = await getRepository(Todo).find();
return new HttpResponseOK(todos);
}
@Post('/todos')
@ValidateBody({
// The body request should be an object once parsed by the framework.
// Every additional properties that are not defined in the "properties"
// object should be removed.
additionalProperties: false,
properties: {
// The "text" property of ctx.request.body should be a string if it exists.
text: { type: 'string' }
},
// The property "text" is required.
required: [ 'text' ],
type: 'object',
})
async postTodo(ctx: Context) {
// Create a new todo with the body of the HTTP request.
const todo = new Todo();
todo.text = ctx.request.body.text;}
}
class AuthController {
@dependency
store: MongoDBStore;
@Post('/logout')
@TokenRequired({ store: MongoDBStore, extendLifeTimeOrUpdate: false })
async logout(ctx: Context) {
await this.store.destroy(ctx.session.sessionID);
return new HttpResponseNoContent();
}
@Post('/login')
@ValidateBody({
additionalProperties: false,
properties: {
email: { type: 'string', format: 'email' },
password: { type: 'string' }
},
required: ['email', 'password'],
type: 'object',
})
async login(ctx: Context) {
const user = await UserModel.findOne({ email: ctx.request.body.email });
if (!user) {
return new HttpResponseUnauthorized();
}
if (!await verifyPassword(ctx.request.body.password, user.password)) {};
@JWTRequired({ user: fetchUser(User), blackList: isBlackListed })
class ApiController {
@Get('/products')
readProducts(ctx: Context) {
return new HttpResponseOK({
email: ctx.user.email
});
}
}
class AuthController {
@Post('/signup')
@ValidateBody(credentialsSchema)
async signup(ctx: Context) {
const user = new User();
user.email = ctx.request.body.email;
user.password = await hashPassword(ctx.request.body.password);
await getRepository(User).save(user);
return this.generateLoginResponse(user);
}
@Post('/login')
@ValidateBody(credentialsSchema)
async login(ctx: Context) {
const user = await getRepository(User).findOne({ email: ctx.request.body.email });
if (!user) {
return new HttpResponseUnauthorized();}
@Get('/:testFooBarId')
@ValidateParams({ properties: { testFooBarId: { type: 'number' } }, type: 'object' })
async getById(ctx: Context) {
const testFooBar = await getRepository(TestFooBar).findOne(ctx.request.params.testFooBarId);
if (!testFooBar) {
return new HttpResponseNotFound();
}
return new HttpResponseOK(testFooBar);
}
@Post('/')
@ValidateBody(testFooBarSchema)
async post(ctx: Context) {
const testFooBar = await getRepository(TestFooBar).save(ctx.request.body);
return new HttpResponseCreated(testFooBar);
}
@Post('/:testFooBarId')
postById() {
return new HttpResponseMethodNotAllowed();
}
@Patch('/')
patch() {
return new HttpResponseMethodNotAllowed();
}
@Patch('/:testFooBarId')return new HttpResponseOK();
}
}
class AuthController {
@dependency
store: RedisStore;
@Get('/logout')
async logout(ctx: Context) {
await logOut(ctx, this.store, { cookie: true });
return new HttpResponseNoContent();
}
@Post('/login')
@ValidateBody({
additionalProperties: false,
properties: {
email: { type: 'string', format: 'email' },
password: { type: 'string' }
},
required: ['email', 'password'],
type: 'object',
})
async login(ctx: Context) {
const user = await UserModel.findOne({ email: ctx.request.body.email });
if (!user) {
return new HttpResponseUnauthorized();
}
if (!await verifyPassword(ctx.request.body.password, user.password)) {@ValidateBody(credentialsSchema)
async signup(ctx: Context) {
const user = new User();
user.email = ctx.request.body.email;
user.password = await hashPassword(ctx.request.body.password);
await getRepository(User).save(user);
const session = await this.store.createAndSaveSessionFromUser(user);
const response = new HttpResponseRedirect('/home');
const token = session.getToken();
setSessionCookie(response, token);
return response;
}
@Post('/login')
@ValidateBody(credentialsSchema)
async login(ctx: Context) {
const user = await getRepository(User).findOne({ email: ctx.request.body.email });
if (!user) {
return new HttpResponseRedirect('/login');
}
if (!await verifyPassword(ctx.request.body.password, user.password)) {
return new HttpResponseRedirect('/login');
}
const session = await this.store.createAndSaveSessionFromUser(user);
const response = new HttpResponseRedirect('/home');
const token = session.getToken();
setSessionCookie(response, token);
return response;@ValidateBody(credentialsSchema)
async signup(ctx: Context) {
const user = new User();
user.email = ctx.request.body.email;
user.password = await hashPassword(ctx.request.body.password);
await getRepository(User).save(user);
const session = await this.store.createAndSaveSessionFromUser(user);
const response = new HttpResponseNoContent();
const token = session.getToken();
setSessionCookie(response, token);
return response;
}
@Post('/login')
@ValidateBody(credentialsSchema)
async login(ctx: Context) {
const user = await getRepository(User).findOne({ email: ctx.request.body.email });
if (!user) {
return new HttpResponseUnauthorized();
}
if (!await verifyPassword(ctx.request.body.password, user.password)) {
return new HttpResponseUnauthorized();
}
const session = await this.store.createAndSaveSessionFromUser(user);
const response = new HttpResponseNoContent();
const token = session.getToken();
setSessionCookie(response, token);
return response;}
@Get('/:id')
@ValidateParams({ properties: { id: { type: 'number' } }, type: 'object' })
async getById(ctx: Context) {
const product = await getRepository(Product).findOne(ctx.request.params.id);
if (!product) {
return new HttpResponseNotFound();
}
return new HttpResponseOK(product);
}
@Post('/')
@ValidateBody(productSchema)
@ApiRequestBody({
content: {
'application/json': {
schema: productSchema
}
},
required: true
})
async post(ctx: Context) {
const product = await getRepository(Product).save(ctx.request.body);
return new HttpResponseCreated(product);
}
@Post('/:id')
postById() {
return new HttpResponseMethodNotAllowed();@foal/core
Full-featured Node.js framework, with no complexity
Package Health Score
84 / 100Popular @foal/core functions
- @foal/core.ApiOperation
- @foal/core.ApiParameter
- @foal/core.ApiRequestBody
- @foal/core.ApiResponse
- @foal/core.Config.get
- @foal/core.Context
- @foal/core.controller
- @foal/core.createApp
- @foal/core.createController
- @foal/core.Get
- @foal/core.getHttpMethod
- @foal/core.getPath
- @foal/core.Hook
- @foal/core.HttpResponseNoContent
- @foal/core.HttpResponseNotFound
- @foal/core.HttpResponseOK
- @foal/core.Post
- @foal/core.Service
- @foal/core.TokenRequired
- @foal/core.ValidateBody