adding schema and escaping

master
Björn 4 years ago
parent 61948f699f
commit 4b7caa8a77

@ -12,6 +12,7 @@
"dependencies": { "dependencies": {
"axios": "^0.19.2", "axios": "^0.19.2",
"crispy-css": "^3.0.0", "crispy-css": "^3.0.0",
"escape-html": "^1.0.3",
"fastify": "^2.14.1", "fastify": "^2.14.1",
"fastify-plugin": "^1.6.1", "fastify-plugin": "^1.6.1",
"fastify-static": "^2.7.0", "fastify-static": "^2.7.0",

@ -1,4 +1,6 @@
const NoteRepository = require('../repositories/note.js') const NoteRepository = require('../repositories/note.js')
const schemas = require('../schemas/note.js')
const escapeHtml = require('escape-html')
/** /**
* adding routes for Note * adding routes for Note
@ -39,8 +41,10 @@ module.exports = async function (fastify, opts) {
* @param {object} reply * @param {object} reply
* @return {object} * @return {object}
*/ */
fastify.post('/note', function(request, reply) { fastify.post('/note', schemas.postSchema, function(request, reply) {
// escaping string
request.body.text = escapeHtml(request.body.text)
results = repository.add(request.body) results = repository.add(request.body)
reply reply
@ -58,7 +62,7 @@ module.exports = async function (fastify, opts) {
* @param {object} reply * @param {object} reply
* @return {object} * @return {object}
*/ */
fastify.delete('/note/:id', function(request, reply) { fastify.delete('/note/:id', schemas.deleteSchema, function(request, reply) {
repository.remove(request.params.id) repository.remove(request.params.id)

14
src/bootstrap.js vendored

@ -9,10 +9,14 @@ fastify
.register(require('./static/index.js')) .register(require('./static/index.js'))
// let it rain // let it rain
fastify.listen(3000, (error, address) => { const start = async () => {
if (error) { try {
throw error await fastify.listen(3000)
fastify.log.info(`server listening on ${fastify.server.address().port}`)
} catch (err) {
fastify.log.error(err)
process.exit(1)
} }
}
fastify.log.info(`server listening on ${address}`) start()
})

@ -0,0 +1,43 @@
/**
* schemas for note-routes
*
* @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License
* @link https://github.com/tentakelfabrik/fastify-lowdb-riotjs-lessons-learned
*/
const postSchema = {
schema: {
body: {
type: 'object',
required: ['text'],
properties: {
text: {
type: 'string'
}
},
additionalProperties: false
}
}
}
const deleteSchema = {
schema: {
params: {
type: 'object',
required: ['id'],
properties: {
id: {
type: 'string',
pattern: '^[a-zA-Z0-9]*$'
}
},
additionalProperties: false
}
}
}
module.exports = {
postSchema: postSchema,
deleteSchema: deleteSchema
}
Loading…
Cancel
Save