Route-level file type validation for hapi parsed multipart/form-data stream request payloads. Also works as a standalone module, and most importantly, works in tandem with houdin for a truly magical experience.
Install via NPM.
$ npm install thurstonValidates all Stream.Readable values in a payload given a whitelist of file types provided in the options. Throws a joi-like ValidationError if some file type is not allowed or unknown otherwise it returns the original parsed payload.
const Hapi = require('hapi');
const Thurston = require('thurston');
const server = new Hapi.Server({
routes: {
validate: {
options: {
whitelist: ['image/png']
}
}
}
});
server.route({
config: {
validate: {
// override the default `failAction` if you want further
// details about the validation error
failAction: (request, h, err) => {
// throw the error as is
throw err;
},
payload: Thurston.validate
},
payload: {
output: 'stream',
parse: true
}
}
});const Fs = require('fs');
const Thurston = require('thurston');
const options = { whitelist: ['image/png'] };
Fs.createWriteStream('file.png').end(Buffer.from('89504e470d0a1a0a', 'hex'));
const png = Fs.createReadStream('file.png');
try {
const payload = await Thurston.validate({ file: png }, options);
console.log(payload); // { file: ReadStream { _readableState: { ..., buffer: [ <Buffer 89 50> ], ... }, ... } }
}
catch (err) {
// Unreachable code.
});const Fs = require('fs');
const Thurston = require('thurston');
const options = { whitelist: ['image/png'] };
Fs.createWriteStream('file.gif').end(Buffer.from('474946383761', 'hex'));
const gif = Fs.createReadStream('file.gif');
try {
await Thurston.validate({ file: gif }, options);
}
catch (err) {
console.log(err); // [ValidationError: child "file" fails because ["file" type is not allowed]]
}The same as file-type.