ruiquelhas / hapi-magic-filter Goto Github PK
View Code? Open in Web Editor NEW[DEPRECATED] Hapi.js plugin to validate multipart/form-data file contents
Home Page: https://www.npmjs.org/package/hapi-magic-filter
License: MIT License
[DEPRECATED] Hapi.js plugin to validate multipart/form-data file contents
Home Page: https://www.npmjs.org/package/hapi-magic-filter
License: MIT License
Unfortunately (or not) hapi-magic-filter
is going to be deprecated, but rest assured, there is a nice replacement available (more than one to be precise).
The current test suite is a bit awkward and makes it hard to get 100% code coverage. Also, the implementation mixes validation for all kinds of request payload types - data
, stream
and file
, both when parsed or not, which is not really necessary, because, most of the times, you will just stick to a single combination.
One of things that also bothered me was that it was not possible to use validation at the route level. And that was not easy to add to the existing codebase due to the reasons I mentioned above. And this is, IMHO, a really interesting feature (at least until joi starts to allow custom extensions).
So, instead of cramming the functionality into hapi-magic-filter
, I decided to break up the existing stuff into a set of smaller modules, all tied together in a nice little ecosystem that builds on this new route-level validation thingy. This allows each module to have a very specific concern and allows all of them to have 100% code coverage.
From now on, I will stop supporting hapi-magic-filter
and I recommend you to drop it and keep reading.
Route-level validation requires the payload to be parsed (the same as joi). For each different output
type defined by the payload settings, you can use one of the following modules:
All of the above can be used outside the context of hapi, provided you respect their API.
Server-level validation (what hapi-magic-filter
does) leverages the new route-level validation modules to do most of the work, and in this case, you can choose wether to parse the payload or not, based on your needs. Also, regarding the payload
settings, and after the validation goes through, you always get what you asked for in the remaining request lifecycle steps (something that wasn't at all true with hapi-magic-filter
).
You can use one (or more) of the following modules for this:
output: 'data', parse: true
output: 'data', parse: false
output: 'stream', parse: true
output: 'stream', parse: false
output: 'file', parse: true
output: 'file', parse: false
Even the validation logic was extracted into two separate modules, each concerned about a specific step in the flow. The file signature matching is now being done with magik and the validation role in the request lifecycle is now established via configuration using supervizor. Both of them work by themselves in isolation, but the latter only makes sense alongside hapi.
Another important change was in the license. I've moved from MIT
to BSD-3-Clause
just because I think it can be a bit more useful while keeping the most important points of the first, so, eventually, nothing changes for the user.
I believe this is good for everyone. The new modules are easier to reason about and to maintain (both for me and you), have a smaller storage footprint (less code and narrowed dependencies) and have nice magician names. Honestly, I don't see any drawbacks here, but if you think you really need hapi-magic-filter
(believe me, you don't), I'm willing to assign it to a "lead" maintainer or even pass the project ownership to anyone interested. In any case, I'll be keeping the package and code available for now, but I won't be doing any update onwards.
When uploading a file, the following code in my handler will not put any data in the file, and the 'end' will not be called if I register happy-magic-filter. If I comment out the registration of magic the file will be saved just fine!
var writeStream = fs.createWriteStream(path);
writeStream.on('error', function (err) {
server.log('error', err);
});
request.payload.file.pipe(writeStream);
request.payload.file.on('end', function () {
reply('file saved');
};
When putting:
request.payload.file.resume();
after the 'end' function, some data was saved to the file, but not all. Is this an incompatibility with streams in node v0.10 and onwards which never calls pause() and resume()?
First let me say thanks for this package and also admit that I'm probably making a noob mistake. Here is my route:
server.route({
method: 'POST',
path: '/api/v1/postFile',
config: {
payload: {
output: 'stream',
maxBytes: 209715200,
parse: true,
allow: 'multipart/form-data'
},
handler: function (request, reply) {
var data = request.payload;
if (data.file) {
var name = data.file.hapi.filename;
var path = __dirname + "/uploads/" + name;
var file = fs.createWriteStream(path);
file.on('error', function (err) {
console.error(err)
});
data.file.pipe(file);
var fileuri = Path.join('http://localhost:3000/api/v1/', name);
data.file.on('end', function (err) {
var ret = {
filename: fileuri
}
reply(ret);
})
}
}
}
});
This works fine until I add payload validation with hapi-magic-filter, where I get a Malformed JSON reply.
server.register([
{
register: require('hapi-magic-filter'),
options: {
allowed: ['jpg', 'jpg', 'png']
}
}
], function (err) {
if (err) {
console.error('Failed to load a plugin:', err);
}
});
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.