@huz-com/middleware-core NPM

Huz.Com > Component > Middleware Core

helmet, cors, body, cookie, header, query, default endpoints and most-used middlewares

Standards

Language: TS
Eslint: Yes
Static Code Analysis: Yes IntelliJ Code Inspections
DDD - Document Driven: Yes
EDD - Exception Driven: Yes
TDD - Test Driven: Yes go to test folder
Standards Complied: Huz Standards

Commands

npm run clear // clears "dist" folder
npm run lint // runs eslint for static code analysis
npm run test // runs test files in "test" folder
npm run build // builds JS files at "dist" folder
npm publish or npm run publix // publishes "dist" folder to npm

Install

npm i @huz-com/middleware-core

Sample - Easy

const {MiddlewareCore} = require('@huz-com/middleware-core');
// ES6: import {middlewareCore} from "@huz-com/middleware-core";

const app = express();
const middlewareCore = MiddlewareCore.with(app);

middlewareCore.initDefaultHandlers();
/*
it calls: 
    .helmet().cors().urlEncode() // for security
    .json().cookie().queryString().toHeader().requestCustom() // for formatting
    .readiness().liveness().status() // for default endpoints
    .count() // processors (call counter)
    ;
*/ 

// ...................................................
// Your custom codes (other middlewareCores, other routes)
// ...................................................

middlewareCore.finalDefaultHandlers();
/*
it calls: 
    empty().notFound().generalError() // for error handling
    ;
*/

Sample - Detailed

const {MiddlewareCore, ProcessExitType} = require('@huz-com/middleware-core');
// ES6: import {middlewareCore} from "@huz-com/middleware-core";

const app = express();
const middlewareCore = MiddlewareCore.with(app);

//initializer functions
middlewareCore
    .helmet() // (options), def: null, ie: ##helmet
    .cors() // (options), def: null, ie: ##cors
    .urlEncode() // (options), def: { extended: false }, ##body-parser
    .json() // (options), def: null, ##body-parser
    .cookie() // (secret, options), ie: ##cookie-parser
    .queryString() // (options), def: {depth: 12}, ##qs
    .toHeader() // (options), def: {prefix: '__'}
    .requestCustom() // (value), def: {}  
    .readiness((req) => null) // if success callback should return null, else error message
    .liveness((req) => null) // // if success callback should return null, else error message
    .status() // (path: string), def: status
    .count() // counts endpoint calls
    
    // other middlewares
    // calculates endpoint duration
    .duration((req, path, msec) => console.log(`>> ${path} consumes ${msec}`)) // it takes async function to process duration
    // catches all method:options calls
    .corsOptions() // (path, options), def: ('*', null) ie: ##cors
    ;

// ...................................................
// Your custom codes (other middlewareCores, other routes)
// ...................................................

//finalizer functions
middlewareCore
    .empty() // Throws when empty endpoint or route
    .notFound() // (...ignoredPaths: Array<string>) you can give ignored paths like ('c-panel', 'admin')
    .generalError() // Throws when unhandled error
    .onExit({ // triggers on exit, you can set events which you need
        beforeExit: (type, ...args) => {}, // triggers before exit
        afterExit: (type, ...args) => {}, // triggers after exit (after below)
        uncaughtException: (type, ...args) => {}, // when error
        exit: (type, ...args) => {}, // any exit
        SIGINT: (type, ...args) => {}, // ctrl+c event or normally exit
        SIGUSR1: (type, ...args) => {}, // kill process
        SIGUSR2: (type, ...args) => {}, // kill process
        SIGTERM: (type, ...args) => {}, // administratively terminate a process
        SIGQUIT: (type, ...args) => {}, // kill process with dumps core
    })
    ;

Dependency

middlewareCore.helmet

Initializer add before your custom routers or middlewareCores
Npm Package helmet

It enables small security middlewareCores
contentSecurityPolicy: CSP: Content Security Policy by Mozilla
sets Content-Security-Policy
sets Content-Security-Policy-Report-Only
dnsPrefetchControl: X-DNS-Prefetch-Control by Mozilla
expectCt: Expect-CT by Mozilla
frameGuard: X-Frame-Options by Mozilla
hidePoweredBy: X-Powered-By by Mozilla
hsts: HSTS: HTTP Strict Transport Security by Mozilla
ieNoOpen: X-Download-Options by NWebsec
noSniff: X-Content-Type-Options by Mozilla
permittedCrossDomainPolicies: X-Permitted-Cross-Domain-Policies by OWASP
referrerPolicy: Referrer-Policy by Mozilla
xssFilter: XSS: Cross-Site Scripting by OWASP