
@directus/api


Directus is a real-time API and App dashboard for managing SQL database content

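/**
 * Sanitize query parameters.
 * This ensures that query params are formatted and ready to go for the services.
 */
import { sanitizeQuery } from '../utils/sanitize-query.js';
import { validateQuery } from '../utils/validate-query.js';

/**
 * Express-style middleware that builds `req.sanitizedQuery` from `req.query`.
 *
 * `req.query` is client-supplied input. It is passed through `sanitizeQuery`
 * together with `req.schema` and `req.accountability`, the result is stored on
 * the request and frozen, and `validateQuery` is then run on it.
 *
 * @param {object} req - Request object. Reads `query`, `schema` and
 *   `accountability`; writes `sanitizedQuery`.
 * @param {object} _res - Response object (unused).
 * @param {Function} next - Continuation; called with the error when
 *   sanitization or validation throws, otherwise with no arguments.
 * @returns {Promise<*>} Resolves with whatever `next` returns.
 */
const sanitizeQueryMiddleware = async (req, _res, next) => {
	req.sanitizedQuery = {};

	// A missing or empty query needs no sanitization or validation. Both cases
	// must still hand off to next(): returning without it leaves the request
	// pending with no response ever sent.
	if (!req.query || Object.keys(req.query).length === 0) {
		Object.freeze(req.sanitizedQuery);
		return next();
	}

	try {
		req.sanitizedQuery = await sanitizeQuery(
			{
				// The '*' default only applies when the client sent no `fields` key:
				// the spread below comes later and overrides this entry with
				// whatever `fields` value req.query carries (including an empty one).
				fields: req.query['fields'] || '*',
				...req.query,
			},
			req.schema,
			req.accountability || null,
		);

		// Object.freeze is shallow: top-level keys can no longer be reassigned,
		// but nested objects/arrays inside the sanitized query stay mutable.
		Object.freeze(req.sanitizedQuery);

		// Validation runs after the assignment above, so when it throws the
		// request still carries the rejected query. Error handlers downstream
		// should not treat req.sanitizedQuery as validated.
		validateQuery(req.sanitizedQuery);
	} catch (error) {
		return next(error);
	}

	return next();
};

export default sanitizeQueryMiddleware;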