From 503f5f315f1cd5c73c55d9adab07e6d019e4c556 Mon Sep 17 00:00:00 2001 From: stringsplit <77242831+nbitzz@users.noreply.github.com> Date: Wed, 4 Oct 2023 10:41:21 -0700 Subject: [PATCH] api-v1: start work on sanitize middleware func --- src/server/lib/middleware.ts | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/src/server/lib/middleware.ts b/src/server/lib/middleware.ts index a4c609c..a1d5fb2 100644 --- a/src/server/lib/middleware.ts +++ b/src/server/lib/middleware.ts @@ -74,7 +74,7 @@ export const noAPIAccess: RequestHandler = function(req, res, next) { /** * @description Blocks requests based on whether or not the token being used to access the route is of type `User` unless a condition is met. - * @param tokenPermissions Permissions which your route requires. + * @param condition Permissions which your route requires. * @returns Express middleware */ @@ -84,4 +84,33 @@ export const noAPIAccessIf = function(condition: (acc:Account, token:string) => if (auth.getType(reqToken) == "App" && !condition(res.locals.acc, reqToken)) ServeError(res, 403, "apps are not allowed to access this endpoint") else next() } +} + +type SchemeType = "array" | "object" | "string" | "number" | "boolean" + +interface SchemeObject { + type: "object" + children: { + [key: string]: SchemeParameter + } +} + +interface SchemeArray { + type: "array", + children: SchemeParameter /* All children of the array must be this type */ + | SchemeParameter[] /* Array must match this pattern */ +} + +type SchemeParameter = SchemeType | SchemeObject | SchemeArray + +/** + * @description Blocks requests based on whether or not the token being used to access the route is of type `User` unless a condition is met. + * @param tokenPermissions Permissions which your route requires. + * @returns Express middleware + */ + +export const sanitize = function(scheme: SchemeObject):RequestHandler { + return function(req, res, next) { + + } } \ No newline at end of file