Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
lib
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

thurston

Route-level file type validation for hapi parsed multipart/form-data stream request payloads. Also works as a standalone module, and most importantly, works in tandem with houdin for a truly magical experience.

NPM Version Build Status Coverage Status Dependencies Dev Dependencies

Table of Contents

Installation

Install via NPM.

$ npm install thurston

Usage

async validate(payload, options)

Validates all Stream.Readable values in a payload given a whitelist of file types provided in the options. Throws a joi-like ValidationError if some file type is not allowed or unknown otherwise it returns the original parsed payload.

Hapi

const Hapi = require('hapi');
const Thurston = require('thurston');

const server = new Hapi.Server({
    routes: {
        validate: {
            options: {
                whitelist: ['image/png']
            }
        }
    }
});

server.route({
    config: {
        validate: {
            // override the default `failAction` if you want further
            // details about the validation error
            failAction: (request, h, err) => {
                // throw the error as is
                throw err;
            },
            payload: Thurston.validate
        },
        payload: {
            output: 'stream',
            parse: true
        }
    }
});

Standalone

const Fs = require('fs');
const Thurston = require('thurston');

const options = { whitelist: ['image/png'] };

Fs.createWriteStream('file.png').end(Buffer.from('89504e470d0a1a0a', 'hex'));
const png = Fs.createReadStream('file.png');

try {
    const payload = await Thurston.validate({ file: png }, options);
    console.log(payload); // { file: ReadStream { _readableState: { ..., buffer: [ <Buffer 89 50> ], ... }, ... } }
}
catch (err) {
    // Unreachable code.
});
const Fs = require('fs');
const Thurston = require('thurston');

const options = { whitelist: ['image/png'] };

Fs.createWriteStream('file.gif').end(Buffer.from('474946383761', 'hex'));
const gif = Fs.createReadStream('file.gif');

try {
    await Thurston.validate({ file: gif }, options);
}
catch (err) {
    console.log(err); // [ValidationError: child "file" fails because ["file" type is not allowed]]
}

Supported File Types

The same as file-type.

About

Route-level file signature validation for hapi stream payloads

Resources

License

Packages

No packages published
You can’t perform that action at this time.