Validating REST endpoints with JSON Schemas using Express and Node.js

I use the express, jsonschema and body-parser packages for Node.js in this example. Express allows us to easily create our server, JSONSchema’s Validator class is used to validate our client request input and body-parser is a tool to help us get a JSON representation of our request's body.

To install the previously mentioned packages simply run the following commands and you are ready to go.

npm install express body-parser jsonschema

The item for sale would have fields containing information about the seller as well as the properties of the item itself. We declare the following two schemas. Notice that the itemSchema object holds a reference to our userSchema object and that all mandatory properties are defined as required.

var userSchema = { "id":"/User", "type":"object", "properties":{  "username": {"type":"string"},  "email": {   "type": "string",   "format" : "email"  },  "votes": {"type": "integer"} }, "required" :["username","email","votes"]};var itemSchema = { "id":"/Item", "type":"object", "properties": {  "price": {"type":"number"},  "width": {"type":"integer"},  "height": {"type":"integer"},  "added": {"type": "string",  "format": "date-time"},  "seller": {"$ref": "/User"},  "image": {   "type": "string",   "format": "uri"  } }, "required" :["price","width","height","added","seller"]};var validator = new jsonValidator();validator.addSchema(userSchema,"/User");

In order to instantiate our validator and link our two schemas we instantiate a new validator object and call addSchema as shown above.

Validating our client request is fairly easy at this point, but we must check that our request contains the "Content-Type application/json" header and more importantly that we provide our validator with the option of throwing an error on an invalid comparison. With that said you can see validating our header and request body.

if(req.get("Content-Type")!="application/json") { res.status(401).send("Invalid header format"); return;}try { validator.validate(req.body,itemSchema, "throwError":true});} catch(error) { res.status(401).end("Invalid body format: " + error.message); return;}

I am using Postman to generate a valid and an invalid request as shown below.

var express = require('express');var jsonValidator = require('jsonschema').Validator;var bodyParser = require('body-parser');var app = express();app.use(bodyParser.urlencoded({ extended: false }));app.use(bodyParser.json());var userSchema = {  id: '/User',  type: 'object',  properties: {    username: { type: 'string' },    email: {      type: 'string',      format: 'email'    },    votes: { type: 'integer' }  },  required: ['username', 'email', 'votes']};var itemSchema = {  id: '/Item',  type: 'object',  properties: {    price: { type: 'number' },    width: { type: 'integer' },    height: { type: 'integer' },    added: {      type: 'string',      format: 'date-time'    },    seller: { $ref: '/User' },    image: {      type: 'string',      format: 'uri'    }  },  required: ['price', 'width', 'height', 'added', 'seller']};var validator = new jsonValidator();validator.addSchema(userSchema, '/User');app.post('/validate', function(req, res) {  if (req.get('Content-Type') != 'application/json') {    res.status(401).send('Invalid header format');    return;  }  try {    validator.validate(req.body, itemSchema, { throwError: true });  } catch (error) {    res.status(401).end('Invalid body format: ' + error.message);    return;  }  res.status(200).send('Valid request format');});app.listen(8000, function() {  console.log('Validation app listening on port 8000');});