@dcl/schema-validator-component
v1.0.2
Published
Schema validator component for core components library
Readme
Schema Validator Component (@dcl/schema-validator-component)
A component that exposes a middleware to be used to validate JSON schemas in HTTP bodies.
Features
- Validation of AJV schemas.
Usage
import { createSchemaValidatorComponent } from '@dcl/schema-validator-component'
const schema = {
type: 'object',
properties: {
aTestProp: {
type: 'string'
}
},
required: ['aTestProp']
}
const { withSchemaValidatorMiddleware } = createSchemaValidatorComponent()
router.post('/v1/test', withSchemaValidatorMiddleware(schema))The component also exposes addSchema and validateSchema for validating payloads outside the middleware:
const validator = createSchemaValidatorComponent()
validator.addSchema(schema, 'my-schema')
const { valid, errors } = validator.validateSchema('my-schema', payload)Options
| Option | Type | Default | Description |
| ----------------------- | --------- | ------- | -------------------------------------------------------------------------------------------- |
| ensureJsonContentType | boolean | true | When true, the middleware rejects requests whose Content-Type is not application/json. |
Notes
- Each call to
withSchemaValidatorMiddlewareregisters the schema under a random key in the shared Ajv instance. Register middlewares once at startup rather than per request, otherwise registered schemas will accumulate in memory. - A request whose
Content-Typeis notapplication/jsonis rejected with HTTP415 Unsupported Media Type(values likeapplication/json; charset=utf-8are accepted). - The middleware reads the entire request body into memory via
request.clone().json(). To bound body size, put a body-size limit in front of it — the@dcl/http-servermaxBodySizeoption or itscreateBodySizeLimitMiddleware, which cap the body at the transport layer while streaming. - When the body read fails with an error that already carries an HTTP
status/statusCode(for example a413raised by an upstream@dcl/http-serverbody-size limiter on a chunked body), the middleware surfaces that status rather than masking it as a generic400. Errors without a status (genuine JSON parse failures) still return400. addSchemareplaces any schema already registered under the given key, so repeated calls (e.g. from a hot-reload path) are safe.
