Skip to content

smartrecruiters/openapi-first

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
4 branches 13 tags
Code

Latest commit

@dependabot
dependabot[bot] Bump ansi-regex from 3.0.0 to 3.0.1 (#35)
2135e10 Apr 6, 2022
Bump ansi-regex from 3.0.0 to 3.0.1 (#35) 
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: ansi-regex
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2135e10

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
docs
 
 
errors
 
 
examples
 
 
lib
 
 
middlewares
 
 
openapi
 
 
test
 
 
.editorconfig
 
 
.eslintignore
 
 
.eslintrc.yaml
 
 
.gitignore
 
 
.mocharc.yaml
 
 
.npmignore
 
 
.nvmrc
 
 
.nycrc
 
 
.travis.yml
 
 
CHANGELOG.md
 
 
LICENSE
 
 
README.md
 
 
index.js
 
 
package-lock.json
 
 
package.json
 
 
@smartrecruiters/openapi-first Is it for you? How to start openapi middlewares Validation middlewares Create your own openapi middleware Contributing License

README.md

@smartrecruiters/openapi-first

NPM Version NPM Downloads Node.js Version Licence Build

Start your node REST app with designing API first!

Is it for you?

If you:

  • use OpenAPI Specification 3.0 to document your REST APIs written in node.js,
  • like design first approach regardign REST APIs
  • want your specification to be single source of truth of your API,
  • want to handle validation and parsing of requests query, body, content-type in a unified manner for all API endpoints,

then @smartrecruiters/openapi-first is what you are looking for!

This module initializes your API connect-style application with specification in OpenAPI Specification 3.0 format.

How to start

Let's say you have specification in OpenAPI Specification 3.0 in spec.json:

{
    "openapi": "3.0.0",
    "info": {
        "version": "1.0.0",
        "title": "Hello World API"
    },
    "paths": {
        "/hello": {
            "get": {
                "responses": {
                    "200": {
                        "description": "Success",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/Greeting"
                                }
                            }
                        }
                    }
                },
                "x-swagger-router-controller": "greeting/hello",
                "parameters": [
                    {
                        "in": "query",
                        "name": "name",
                        "schema": {
                            "type": "string",
                            "default": "world"
                        }
                    }
                ]
            }
        }
    },
    "components": {
        "schemas": {
            "Greeting": {
                "type": "object",
                "properties": {
                    "greeting": {
                        "type": "string"
                    }
                }
            }
        }
    }
}

Now you can implement connect-style middleware with "business logic" in greeting/hello.js:

module.exports = function(req, res) {
    res.status(200).json({greeting: `Hello, ${req.query.name}!`})
}

Now, let's make an app.js file:

const openApiFirst = require('@smartrecruiters/openapi-first')
const express = require('express')

// create express app
const app = express()

const spec = require('./spec.json')

// create open api specification initializer
const api = openApiFirst(app, spec)

// to enable setting default values on empty query params
api.use(require('@smartrecruiters/openapi-first/middlewares/query/defaults')())

// to link the specification with code in 'api' directory
api.use(require('@smartrecruiters/openapi-first/middlewares/controllers/by-property')({dir: __dirname}))

app.listen(8080)

We can now run the application:

node app

To verify it's working, let's hit the endpoint:

curl localhost:8080/hello?who=world

The response should be 200 with body:

{"greeting":"Hello, world!"}

openapi middlewares

You can use one of the middlewares under @smartrecruiters/middlewares/* or create your own. Such middlewares will be applied to connect-style app for each operation as they are specification and operation aware. For instace, @smartrecruiters/middlewares/query/validate middleware will be applied to any and only operation which has query parameters defined, passing an Error to next callback when req.query is invalid.

Currently following middlewares are available:

  • request body validation,
  • request body parsing (e.g. form string parameters to types specified in API documentation)
  • setting default values on request body,
  • query parameters validation,
  • setting default query parameters values
  • removing unspecified query parameters,
  • content type validation,
  • routing to appropriate controller,
  • oauth scopes authorization,
  • error handlers (MissingRequiredScopes).

Validation middlewares

Middlewares for request body and query validation expects schema validators in order to be created. The recommended schema validator is @smartrecruiters/openapi-schema-validator

Create your own openapi middleware

Adding your own openapi is very simple. Let's say your operation has extension OpenAPI Specification 3.0 Specification Extension 'x-only-admin'. If it is set on, this will mean that only users with admin can use this method. Assuming some preceding middleware is setting req.user.role, you can write a simple openapi middleware that will gather information from operation object and act accordingly:

const onlyAdminMiddleware = operation =>
    (req, res, next) => {
        if(operation['x-only-admin'] && req.user.role !== "admin") {
            res.status(403).json("Access forbidden. For this operation, you need to have admin role")
        }
        return next()
    }

Contributing

Please see our Code of conduct and Contributing guidelines

License

MIT

About

Start your node REST app with designing API first!

Topics

openapi connect openapi-specification openapi3 oas3

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

37 stars

Watchers

21 watching

Forks

5 forks
Report repository

Releases 9

@smartrecruiters/openapi-first v1.1.0 Latest
Jul 8, 2021
+ 8 releases

Packages

No packages published

Contributors 6

Languages