Skip to content

Latest commit

 

History

History
117 lines (86 loc) · 3.73 KB

README.md

File metadata and controls

117 lines (86 loc) · 3.73 KB
Raw

Fastify Enforce Schema

NPM version js-standard-style

This plugin enables you to enforce response, body and params schemas on your controllers. The sentiment behind this is that no endpoint should ever be left without validation, and now you can enforce this during their registration, so no endpoints are released without validation.

The plugin works by "hooking" into the onRoute Fastify hook which, as described in the docs, triggers when a new route is registered.

This plugin is built together with our Programmer Network Community. You can join us on Twitch and Discord.

Install

Requirements

From npm

npm install fastify-enforce-schema       # npm
yarn add fastify-enforce-schema          # yarn
pnpm add fastify-enforce-schema          # pnpm
bun add fastify-enforce-schema           # bun

Usage

Route definitions in Fastify (4.x) are synchronous, so you must ensure that this plugin is registered before your route definitions.

// ESM
import Fastify from 'fastify'
import enforceSchema from 'fastify-enforce-schema'

const fastify = Fastify()

// Register the plugin
await fastify.register(enforceSchema, { 
  // options (described below)
})

// Register your routes
// your route definitions here...

Note: top-level await requires Node.js 14.8.0 or later

// CommonJS
const fastify = require('fastify')()
const enforceSchema = require('fastify-enforce-schema')

// Register the plugin
fastify.register(enforceSchema, { 
  // options (described below)
})

// Register your routes
fastify.register((fastify, options, done) => {
  // your route definitions here...
  
  done()
})

// Plugins are loaded when fastify.listen(), fastify.inject() or fastify.ready() are called

Options

{
  disabled: ['response', 'body', 'params'], // can also be `true`
  exclude: [
    {
      url: '/foo'
    },
    {
      url: '/bar',
      excludeSchemas: ['response'] // [..., 'body', 'params']
    }
  ]
}

  • disabled: Disable specific schemas (body, response, params) or disable the plugin by passing true.

  • exclude: Endpoints to exclude by the routeOptions.path. Each exclude is an object with a url and (optional) excludeSchemas array. If the excludeSchemas array is not passed, validation for all 3 schemas (body, response, params) is disabled. Supports wildcards and any other RegEx features.

By default, all schemas are enforced where appropriate.

Note: The body schema is only enforced on POST, PUT and PATCH routes, and the params schema is only enforced on routes with :params.

Disable schema enforcement on specific routes

// Disable all schemas
fastify.get('/foo', { schema: false }, (req, reply) => {
  reply.code(200)
})

// Disable response and params schemas
fastify.get(
  '/bar:baz', { schema: { disabled: ['response', 'params'] } }, (req, reply) => {
    reply.code(200)
  }
)

// Disable body schema
fastify.post('/baz', { schema: { disabled: ['body'] } }, (req, reply) => {
  reply.code(200)
})