Comments (5)
Looks like the validator middleware only gets pushed onto the app not the routes:
express-openapi-validator/dist/index.js
if (this.options.validateRequests)
use.push(validateMiddleware);
if (this.options.validateResponses)
use.push(resOav.validate());
app.use(use);
I imagine this is the issue.
from express-openapi-validator.
ok wow, did more digging and it turns out that the order in which the middlewares are added matters
:(
Validates correctly
const app = express();
new OpenApiValidator({
apiSpec: './workflow-tracker-openapi.yml',
validateRequests: true,
validateResponses: true,
}).install(app);
app.use(bodyParser.json());
app.use(express.json());
app.use('/v1', progressRouter);
Does not validate
const app = express();
app.use('/v1', progressRouter);
new OpenApiValidator({
apiSpec: './workflow-tracker-openapi.yml',
validateRequests: true,
validateResponses: true,
}).install(app);
app.use(bodyParser.json());
app.use(express.json());
from express-openapi-validator.
Let me know if you'd like me to open up a pr to talk about this in the documentation
from express-openapi-validator.
I believe the issue is the fact in the second example (Does not validate), the bodyParser
middleware is setup after the routes
are setup. To parse json, text, etc the parse middleware should come earlier in the chain
Assuming this is the case, perhaps, a note should be added to the documentation.
Note that I can certainly have the validator install the parser middleware automatically, however I feel the choice of parser should be left to the user and not to the library.
from express-openapi-validator.
@SpencerLawrenceBrown i've added some notes to the doc. feel free to provide feedback. thanks!
from express-openapi-validator.
Related Issues (20)
- The validation doesn't work at all HOT 2
- Question: should serdes.serialize be called when validateResponse=false
- Serdes Does Not Work for Items in Request Parameters in Array HOT 1
- HTTP HEAD not implemented for HTTP GET similar to ExpressJS v4.
- Multer worked on 5.0.1 throws internal server error in 5.1.0 HOT 5
- Introduction of multiple swagger docs with new endpoint now versioned returns 404 HOT 2
- the same oneOf schema can pass request validation. But cannot pass response validation
- version 5.1.1, apiKey cookie authentication results in error HOT 1
- Email format validation does not accept non-ascii characters
- Multiple spec support breaks if validateResponses: true HOT 2
- readonly is ignored when properties are inherited through allOf
- Type coercion stops working if request validation is turned off HOT 1
- Support for the HyperExpress web framework HOT 1
- Multiple path params break support for URI path param HOT 1
- Upgrade or replace lodash
- Server variables without enum don't get validated
- Multiple specs are not supported HOT 1
- Found CVE-2021-23337 in latest version of express-openapi-validator HOT 1
- Request body is marked as invalid, using `oneOf` inside `allOf`
- Request body schema validations are skipped when using multiple external refs
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from express-openapi-validator.