npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

express-mongo-rest-fork

v0.1.3

Published

An mongo-backed RESTful express route.

Downloads

5

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

pongstrpongstr

Keywords

Readme

express-mongo-rest

Node.js package to create an express middleware for a mongo-backed, RESTful API

var express = require('express')
var expressMongoRest = require('express-mongo-rest')
var app = express()
app.use('/api/v1', expressMongoRest('mongodb://localhost:27017/mydb'))
var server = app.listen(3000, function () {
    console.log('Listening on Port', server.address().port)
})

The middleware is schema-agnostic, allowing any json document to be persisted and retrieved from mongo.

| Route | Method | Notes | | ---------------- | ------ | --------------------------- | | /:collection | GET | Search the collection (uses query-to-mongo) | | /:collection | POST | Create a single document | | /:collection | PUT | Method Not Allowed | | /:collection | PATCH | Method Not Allowed | | /:collection | DELETE | Remove all documents | | /:collection/:id | GET | Retrieve a single document | | /:collection/:id | POST | Method Not Allowed | | /:collection/:id | PUT | Create or update a document | | /:collection/:id | PATCH | Update fields in a document (uses jsonpatch-to-mongodb) | | /:collection/:id | DELETE | Remove a single document |

API

expressMongoRest(db, options)

Create an express middleware that implements a RESTful API.

options:

  • envelope Return responses wrapped in a type envelope. This can be overriden per request by specifying an envelope query parameter.
  • singularize A function to change the collection name into it's singlur form (ie., 'users' becomes 'user'). Used when returning a envelope for a single instance. Default is inflection.singularize.

Use

I wanted to make it extremely simple to start a mongo-backed rest server, so npm start starts one. The server.js script employs many best-practices for rest servers such as using https, gzip, and method overrides.

You can configure the following options in the .env file (uses dotenv):

  • DB The url for the mongo database. Default is mongodb://localhost:27017/express-rest-mongo.
  • PORT The port to listen on. Default is 3000.
  • PFX Certificate, Private key and CA certficiates to use for SSL. Default is none.
  • KEY Private key to use for SSL. Default is none.
  • CERT Certificate, to use for SSL. Default is none. If neither of PFX or a KEY/CERT pair are specified, a self-sigend certificate and key is generated.

Querying documents

The query API (GET /:collection) uses a robust query syntax that interprets comparision operators (=, !=, >, <, >=, <=) in the query portion of the URL using query-to-mongo.

For example, the URL https://localhost/api/v1/users?firstName=John&age>=21 would search the users collection for any entries that have a firstName of "John" and an age greater than or equal to 21.

Patching documents

The patch document API (PATCH /:collection/:id) will update fields within a document. The API expects a JSON patch payload as defined in RFC 6902. The API uses jsonpatch-to-mongodb to interpret the patch.

An example patch using jQuery:

$.ajax('https://localhost/api/v1/users/2d0aa7b0-cf14-413e-9093-7bbba4f4b220', {
  method: 'PATCH',
  contentType: 'application/json',
  data: JSON.stringify([
    { op: 'replace', path: '/firstName', value: 'Johnathan' },
    { op: 'replace', path: '/age', value: 22 }
  ]),
  success: function (data, status, xhr) {...},
  error: function (xhr, status, err) {...}
})

Returning result envelopes

The APIs that return results (all except DELETE) can be set to wrap those results in a type envelope; either server-wide by specifying the envelope option when creating the middleware, or per request by including an envelope query paramter in the URL.

The type envelope will use the singularized name of the collection. The singularizer can be specified using the singularize option when creating the middleware. The default is inflection.singularize.

For example https://localhost/api/v1/users/2d0aa7b0-cf14-413e-9093-7bbba4f4b220?envelope=true returns:

{
  user: {
    id: '2d0aa7b0-cf14-413e-9093-7bbba4f4b220',
    firstName: 'John',
    age: 21
  }
}

and https://localhost/api/v1/users/2d0aa7b0-cf14-413e-9093-7bbba4f4b220?envelope=false returns:

{
  id: '2d0aa7b0-cf14-413e-9093-7bbba4f4b220',
  firstName: 'John',
  age: 21
}

The envelope for query results uses the collection name (and assumes it is plural); https://localhost/api/v1/users?envelope=true returns:

{
  users: [
    {
      id: '2d0aa7b0-cf14-413e-9093-7bbba4f4b220',
      firstName: 'John',
      age: 21
    },
    {
      id: 'abf445fd-04db-495e-82f7-77fbf369f7ee',
      firstName: 'Bob',
      age: 28
    }
  ]
}

Best Practices

The server script was strongly influenced by these articles about best practices for RESTful APIs.

Here's the list of recommendations from those articles. Items not yet supported are ~~struck-through~~:

  1. Use nouns but no verbs
  2. GET method and query parameters should not alter the state
  3. Use SSL everywhere
  4. ~~Have great documentation~~
  5. Use plural nouns
  6. ~~Use sub-resources for relations~~
  7. ~~Provide a way to autoload related resource representations~~
  8. Use HTTP headers for serialization formats
  9. ~~Use HATEOAS~~
  10. Provider filtering, sorting, field selection and paging for collections
    • Filtering
    • Sorting
    • Field selection
    • Paging
  11. Version your API
  12. Return something useful from POST, PATCH, & PUT requests
  13. Handle Errors with HTTP status codes
    • Use HTTP status codes
    • ~~Use error payloads~~
  14. Allow overriding HTTP method
  15. Use JSON where possible, ~~XML only if you have to~~ No application/xml support
  16. Pretty print by default & ensure gzip is supported
  17. Don't use response envelopes by default
  18. Consider using JSON for POST, PUT and PATCH request bodies No application/x-www-form-urlencoded or multipart/form-data support
  19. ~~Provide useful response headers for rate limiting~~
  20. ~~Use token based authentication, transported over OAuth2 where delegation is needed~~
  21. ~~Include response headers that facilitate caching~~

Todo

  • Address more best-practices in 'server.js'
    • Add schama validation (swagger-spec? json-schema?)
    • Add swagger.io for api documentation.
    • Add user authentication and authorization to API access (node-oauth2-server?)
    • Add rate limiting (express-limiter?)
    • Add OAuth2 (node-oauth2-server?)