Skip to content

ruiquelhas/lafayette

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
lib
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

lafayette

Route-level file type validation for hapi parsed multipart/form-data temporary file request payloads. Also works as a standalone module, and most importantly, works in tandem with thurston for a truly magical experience.

NPM Version Build Status Coverage Status Dependencies Dev Dependencies

Table of Contents

Installation

Install via NPM.

$ npm install lafayette

Usage

async validate(payload, options)

Validates all values in a payload that match the hapi temporary file pattern object given a whitelist of file types provided in the options. Results in a joi-like ValidationError if some file type is not allowed or unknown, otherwise it returns the original parsed payload to account for additional custom validation.

Hapi

const Hapi = require('hapi');
const Lafayette = require('lafayette');

const server = new Hapi.Server({
    routes: {
        validate: {
            options: {
                whitelist: ['image/png']
            }
        }
    }
});

server.route({
    options: {
        validate: {
            // override the default `failAction` if you want further
            // details about the validation error
            failAction: (request, h, err) => {
                // throw the error as is
                throw err;
            },
            payload: Lafayette.validate
        },
        payload: {
            output: 'file',
            parse: true
        }
    }
});

Standalone

const Fs = require('fs');
const Lafayette = require('lafayette');

const options = { whitelist: ['image/png'] };

Fs.createWriteStream('file.png').end(Buffer.from('89504e470d0a1a0a', 'hex'));

const png = {
    filename: 'file.png',
    path: '.',
    headers: {
        'content-disposition': 'form-data; name="file"; filename="file.png"',
        'content-type': 'image/png'
    },
    bytes: 8
};

try {
    const payload = await Lafayette.validate({ file: png }, options);
    console.log(payload); // { file: { filename: 'file.png', path: '.', ... } }
}
catch (err) {
    throw err;
}
const Fs = require('fs');
const Lafayette = require('lafayette');

const options = { whitelist: ['image/png'] };

Fs.createWriteStream('file.gif').end(Buffer.from('474946383761', 'hex'));

const gif = {
    filename: 'file.gif',
    path: '.',
    headers: {
        'content-disposition': 'form-data; name="file"; filename="file.gif"',
        'content-type': 'image/gif'
    },
    bytes: 6
};

try {
    await Lafayette.validate({ file: gif }, options);
}
catch (err) {
    console.log(err); // [ValidationError: child "file" fails because ["file" type is not allowed]]
}

Supported File Types

The same as file-type.

About

Route-level file signature validation for hapi temporary file payloads

Resources

License

Stars

Watchers

Forks

Packages

No packages published