Middlewares
You can also use middlewares to handle requests. Middlewares are functions that are called before the request is handled by the router. You can use them to handle authentication, logging, etc.
If a handler function doesn't return a Response
object, the request will be passed to the next
handler.
import { createRouter, Response } from 'fets'
const router = createRouter()
// Logging some headers before the response
.route({
path: '*',
handler: request => {
// Log some headers
console.log(`User Agent: ${request.headers.get('user-agent')}`)
}
})
// or stop the request earlier
.route({
path: '*',
handler: request => {
if (!request.headers.get('authorization')) {
return new Response(null, {
status: 401
})
}
}
})
.route({
path: '/users',
method: 'GET',
schemas: {
/** .. */
},
handler: request => {
// It doesn't reach here if the request doesn't have an `Authorization` header.
}
})
Chaining handlers
You can also chain multiple handlers to a single route. In the following example, we are checking if
the request has an Authorization
header and if the user is an admin.
import { createRouter, Response, RouteHandler } from 'fets'
const withAuth: RouteHandler = request => {
if (!request.headers.get('Authorization')) {
return new Response(null, {
status: 401
})
}
}
const router = createRouter().route({
path: '/users',
method: 'GET',
schemas: {
/** .. */
},
handler: [
withAuth,
request => {
// It doesn't reach here if the request doesn't have an `Authorization` header.
}
]
})
Using schemas
instead of middlewares
Instead of middlewares, you can use the schemas directly to validate Authorization
header.
import { createRouter, Response } from 'fets'
const router = createRouter().route({
path: '/me',
method: 'GET',
schemas: {
request: {
headers: {
authorization: {
type: 'string',
// We can use a regex to validate the `Authorization` header.
pattern: /^Bearer .+$/
},
required: ['authorization']
}
},
response: {
/** .. */
},
handler: request => {
// It doesn't reach here if the request doesn't have a valid Bearer token in the `Authorization` header.
}
} as const
})