How to use the express-validator/filter.sanitizeQuery function in express-validator

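To help you get started, we’ve selected a few express-validator examples, based on popular ways it is used in public projects. Note that a sanitizer such as `sanitizeQuery(...).trim()` or `.toInt()` only transforms a value and never rejects a request, so the examples pair it with validation (`query(...)` chains checked before the handler runs). The `express-validator/filter` entry point and the sanitization-only middlewares shown here are the legacy API, which express-validator v6 deprecated in favour of chaining sanitizers directly on `query()`.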


github afuh / rick-and-morty-api / controllers / location.js View on Github external
const { sanitizeQuery } = require('express-validator/filter')

const { collection } = require('../utils/helpers')

const Location = require('../models/Location')
const handleSingle = require('./_handleSingleQuery')

// Query-string sanitizer middleware: applies trim() to the query fields named
// by collection.queries.episode (defined in ../utils/helpers, not shown here).
// NOTE(review): this is the location controller but the field list comes from
// `queries.episode` - confirm it covers the name/type/dimension fields that
// getAll reads, otherwise those values reach the lookup untrimmed.
// NOTE(review): trim() only transforms a value; it rejects nothing and does
// not constrain type or content, so everything read from req.query downstream
// is still client-controlled input.
exports.sanitize = sanitizeQuery(collection.queries.episode).trim()

// ================ GET ALL ================ //
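/**
 * Lists locations: builds a filter from the query string, runs the paginated
 * lookup and stores the outcome on req.payload for the next middleware.
 *
 * @param {object} req - Express request; reads name/type/dimension from
 *   req.query and skip/limit/page from req.body, writes req.payload.
 * @param {object} res - Express response (not used here).
 * @param {Function} next - Called with no argument on success, or with the
 *   error when reading the request or the lookup fails.
 * @returns {Promise<void>}
 */
exports.getAll = async (req, res, next) => {
  try {
    // NOTE(review): these values are client-controlled. The sanitizer exported
    // by this file only trims; with Express's default query parser a parameter
    // can also arrive as an array or nested object (e.g. `name[x]=y`). Confirm
    // that Location.findAndCount treats them strictly as string filters.
    const { name, type, dimension } = req.query
    // Paging values are read from req.body, presumably placed there by an
    // earlier pagination middleware - verify they are not taken verbatim from
    // a client-supplied body.
    const { skip, limit, page } = req.body

    const { results, count } = await Location.findAndCount({
      name, type, dimension, skip, limit
    })

    req.payload = {
      count, limit, page, results
    }
  } catch (err) {
    // Forward failures explicitly: Express 4 does not route a rejected
    // async-handler promise to the error-handling middleware, so without this
    // the request would hang and the rejection would go unhandled.
    return next(err)
  }

  // Kept outside the try block so an exception thrown further down the
  // middleware chain is not caught here and passed to next() a second time.
  next()
}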
github librewiki / liberty-engine / lib / routes / v1 / articles / index.js View on Github external
.optional()
      .trim()
      .isInt({ min: 1, max: 100 }),
    query('offset')
      .optional()
      .trim()
      .isInt({ min: 0 }),
    query('random')
      .optional(),
    query('order')
      .optional()
      .trim()
      .isIn(['updatedAt']),
  ],
  [
    sanitizeQuery('limit').trim().toInt(),
    sanitizeQuery('offset').trim().toInt(),
    sanitizeQuery('random').trim().toBoolean(), // Everything except for '0', 'false' and '' returns true
    sanitizeQuery('order').trim(),
  ],
  middlewares.validate(),
  async (req, res, next) => {
    const limit = req.query.limit || 10;
    const offset = req.query.offset || 0;
    const random = req.query.random || false;
    const order = req.query.order === 'updatedAt' ? [['updatedAt', 'DESC']] : [];
    let articles;
    try {
      if (random) {
        articles = await Article.findRandomly({ limit });
      } else {
        articles = await Article.findAll({ limit, offset, order });
github librewiki / liberty-engine / lib / routes / v1 / articles / index.js View on Github external
query('offset')
      .optional()
      .trim()
      .isInt({ min: 0 }),
    query('random')
      .optional(),
    query('order')
      .optional()
      .trim()
      .isIn(['updatedAt']),
  ],
  [
    sanitizeQuery('limit').trim().toInt(),
    sanitizeQuery('offset').trim().toInt(),
    sanitizeQuery('random').trim().toBoolean(), // Everything except for '0', 'false' and '' returns true
    sanitizeQuery('order').trim(),
  ],
  middlewares.validate(),
  async (req, res, next) => {
    const limit = req.query.limit || 10;
    const offset = req.query.offset || 0;
    const random = req.query.random || false;
    const order = req.query.order === 'updatedAt' ? [['updatedAt', 'DESC']] : [];
    let articles;
    try {
      if (random) {
        articles = await Article.findRandomly({ limit });
      } else {
        articles = await Article.findAll({ limit, offset, order });
      }
      return new Response.Success({ articles }).send(res);
    } catch (err) {
github librewiki / liberty-engine / lib / routes / v1 / users / index.js View on Github external
query('startingWith')
      .optional()
      .trim()
      .custom(v => User.validateUsername(v)),
    query('username')
      .optional()
      .trim()
      .custom(v => User.validateUsername(v)),
    query('limit')
      .optional()
      .trim()
      .isInt({ min: 1, max: 100 }),
  ],
  [
    sanitizeQuery('startingWith').trim(),
    sanitizeQuery('username').trim(),
    sanitizeQuery('limit').trim().toInt(),
  ],
  middlewares.validate(),
  middlewares.permission(GET_USER_LIST),
  async (req, res, next) => {
    try {
      const limit = req.query.limit || 10;
      let where = {};
      const { startingWith, username } = req.query;
      if (startingWith) {
        where = {
          username: {
            // @TODO escape %, _
            [Op.like]: `${startingWith}%`,
          },
        };
github librewiki / liberty-engine / lib / routes / v1 / articles / index.js View on Github external
.isInt({ min: 1, max: 100 }),
    query('offset')
      .optional()
      .trim()
      .isInt({ min: 0 }),
    query('random')
      .optional(),
    query('order')
      .optional()
      .trim()
      .isIn(['updatedAt']),
  ],
  [
    sanitizeQuery('limit').trim().toInt(),
    sanitizeQuery('offset').trim().toInt(),
    sanitizeQuery('random').trim().toBoolean(), // Everything except for '0', 'false' and '' returns true
    sanitizeQuery('order').trim(),
  ],
  middlewares.validate(),
  async (req, res, next) => {
    const limit = req.query.limit || 10;
    const offset = req.query.offset || 0;
    const random = req.query.random || false;
    const order = req.query.order === 'updatedAt' ? [['updatedAt', 'DESC']] : [];
    let articles;
    try {
      if (random) {
        articles = await Article.findRandomly({ limit });
      } else {
        articles = await Article.findAll({ limit, offset, order });
      }
      return new Response.Success({ articles }).send(res);
github librewiki / liberty-engine / lib / routes / v1 / users / index.js View on Github external
.optional()
      .trim()
      .custom(v => User.validateUsername(v)),
    query('username')
      .optional()
      .trim()
      .custom(v => User.validateUsername(v)),
    query('limit')
      .optional()
      .trim()
      .isInt({ min: 1, max: 100 }),
  ],
  [
    sanitizeQuery('startingWith').trim(),
    sanitizeQuery('username').trim(),
    sanitizeQuery('limit').trim().toInt(),
  ],
  middlewares.validate(),
  middlewares.permission(GET_USER_LIST),
  async (req, res, next) => {
    try {
      const limit = req.query.limit || 10;
      let where = {};
      const { startingWith, username } = req.query;
      if (startingWith) {
        where = {
          username: {
            // @TODO escape %, _
            [Op.like]: `${startingWith}%`,
          },
        };
      }
github librewiki / liberty-engine / lib / routes / v1 / revisions.js View on Github external
'/',
  [
    query('limit')
      .optional()
      .trim()
      .isInt({ min: 1, max: 50 }),
    query('offset')
      .optional()
      .trim()
      .isInt({ min: 0 }),
    query('distinct')
      .optional(),
  ],
  [
    sanitizeQuery('limit').trim().toInt(),
    sanitizeQuery('offset').trim().toInt(),
    sanitizeQuery('distinct').trim().toBoolean(), // Everything except for '0', 'false' and '' returns true
  ],
  async (req, res, next) => {
    try {
      const errors = validationResult(req);
      if (!errors.isEmpty()) {
        return new Response.BadRequest({ errors: errors.array() }).send(res);
      }
      const limit = req.query.limit || 10;
      const offset = req.query.offset || 0;
      const distinct = req.query.distinct || false;
      let revisions;
      if (distinct) {
        revisions = Revision.getRecentDistinctRevisions({
          limit,
        });
github weseek / growi / src / server / routes / apiv3 / user-group.js View on Github external
const userGroupRelations = await UserGroupRelation.findAllRelationForUserGroup(userGroup);

      return res.apiv3({ userGroupRelations });
    }
    catch (err) {
      const msg = `Error occurred in fetching user group relations for group: ${id}`;
      logger.error(msg, err);
      return res.apiv3Err(new ErrorV3(msg, 'user-group-user-group-relation-list-fetch-failed'));
    }
  });

  // Container for the validation chains of the "pages" endpoints.
  validator.pages = {};

  // Middleware chain for fetching pages by user-group id (presumably the
  // /user-groups/{id}/pages route described in the swagger block that follows).
  // - `id` (path parameter) is trimmed and must exist with a non-falsy value.
  //   NOTE(review): this checks presence only, not the id's format - confirm
  //   the handler or model rejects malformed ids before they reach a query.
  // - `limit` / `offset` (query string) are normalised by toPagingLimit and
  //   toPagingOffset, which are defined outside this excerpt; these are
  //   sanitizers, so they transform the value rather than reject the request.
  validator.pages.get = [
    param('id').trim().exists({ checkFalsy: true }),
    sanitizeQuery('limit').customSanitizer(toPagingLimit),
    sanitizeQuery('offset').customSanitizer(toPagingOffset),
  ];

  /**
   * @swagger
   *
   *  paths:
   *    /user-groups/{id}/pages:
   *      get:
   *        tags: [UserGroup]
   *        description: Get closed pages for the userGroup
   *        parameters:
   *          - name: id
   *            in: path
   *            required: true
   *            description: id of userGroup
github librewiki / liberty-engine / lib / routes / v1 / discussion-topics.js View on Github external
router.get(
  '/',
  [
    query('limit')
      .optional()
      .trim()
      .isInt({ min: 1, max: 30 }),
    query('order')
      .optional()
      .trim()
      .isIn(['updatedAt']),
  ],
  [
    sanitizeQuery('limit').toInt(),
    sanitizeQuery('order').trim(),
  ],
  middlewares.validate(),
  async (req, res, next) => {
    try {
      const limit = req.query.limit || 10;
      const order = req.query.order === 'updatedAt' ? [['updatedAt', 'DESC']] : [];
      const discussionTopics = await DiscussionTopic.findAll({
        include: [
          {
            association: DiscussionTopic.associations.article,
            attributes: ['fullTitle', 'id', 'title', 'namespaceId'],
          },
        ],
        order,
        limit,
      });
github librewiki / liberty-engine / lib / routes / v1 / blocks.js View on Github external
);

router.get(
  '/',
  [
    query('containing')
      .optional()
      .trim()
      .isIP(),
    query('userId')
      .optional()
      .trim()
      .isInt(),
  ],
  [
    sanitizeQuery('containing').trim(),
    sanitizeQuery('userId').trim().toInt(),
  ],
  middlewares.validate(),
  async ({ query: { containing, userId } }, res, next) => {
    try {
      const scopes = ['valid'];
      if (containing) {
        scopes.push({ method: ['containing', containing] });
      }
      if (userId) {
        scopes.push({ method: ['user', userId] });
      }
      const blocks = await Block.scope(scopes).findAll();
      return new Response.Success({ blocks }).send(res);
    } catch (err) {
      return next(err);