问题描述
为什么 express-validator 没有拒绝这个请求?
import { Router,Request,Response } from 'express'
import { header } from 'express-validator'
if (!process.env.CRONJOB_SECRET) {
console.error('Please set CRONJOB_SECRET')
process.exit(1)
}
const router = Router()
/**
* start/stop jobs every minute
*/
router.get(
'/start-stop-jobs',header('x-cronjob-secret').equals(process.env.CRONJOB_SECRET),async (req: Request,res: Response) => {
const log = {
secret: process.env.CRONJOB_SECRET,equals: req.headers['x-cronjob-secret'],started: [],stopped: [],error: {},}
// stop any events
console.log('Completed /start-stop-jobs',log)
return res.json({ status: 'ok',log })
},)
当我 GET /start-stop-jobs 没有标题时,我得到以下响应:
{"status":"ok","log":{"secret":"CRONJOB_SECRET","started":[],"stopped":[],"error":{}}}
这似乎是一个微不足道的用例。我错过了什么?
解决方法
那应该是因为“express-validator”需要调用另一个 validationResult 函数。每the doc:
// ...rest of the initial code omitted for simplicity.
const { body,validationResult } = require('express-validator');
app.post(
'/user',// username must be an email
body('username').isEmail(),// password must be at least 5 chars long
body('password').isLength({ min: 5 }),(req,res) => {
// Finds the validation errors in this request and wraps them in an object with handy functions
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({ errors: errors.array() });
}
User.create({
username: req.body.username,password: req.body.password,}).then(user => res.json(user));
},);
请注意在验证规范代码之后调用 const errors = validationResult(req);,如果有错误会导致立即返回 res.status(400)。这是您代码中缺少的部分。
如果您不想重复代码,可以将此功能提取到另一个中间件中
// middlewares/handleValidationError.js
const { validationResult } = require("express-validator");
exports.handleValidationError = function (req,res,next) {
// Finds the validation errors in this request and wraps them in an object with handy functions
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({ errors: errors.array() });
}
next();
};
// Using the middleware
// App.js
const { handleValidationError } = require("/middlewares/handleValidationError");
router.get(
"/start-stop-jobs",header("x-cronjob-secret").equals(process.env.CRONJOB_SECRET),handleValidationError,async (req: Request,res: Response) => {
const log = {
secret: process.env.CRONJOB_SECRET,equals: req.headers["x-cronjob-secret"],started: [],stopped: [],error: {},};
// stop any events
console.log("Completed /start-stop-jobs",log);
return res.json({ status: "ok",log });
}
);