From 127b99737cf26dbfc5fb7b1a009220095eee51e9 Mon Sep 17 00:00:00 2001
From: Vytor Calixto <vytorcalixto@gmail.com>
Date: Tue, 23 May 2017 10:46:09 -0300
Subject: [PATCH] Add validation to message API

---
 package.json               |  1 +
 src/libs/app.js            |  5 ++++-
 src/libs/routes/message.js | 35 ++++++++++++++++++++++-------------
 3 files changed, 27 insertions(+), 14 deletions(-)

diff --git a/package.json b/package.json
index 6b93002..298d38e 100644
--- a/package.json
+++ b/package.json
@@ -25,6 +25,7 @@
     "debug": "~2.3.x",
     "dirty-chai": "^1.2.2",
     "express": "^4.13.0",
+    "express-validator": "^3.2.0",
     "js2xmlparser": "^2.0.2",
     "jwt-simple": "^0.5.0",
     "lodash": "^4.17.2",
diff --git a/src/libs/app.js b/src/libs/app.js
index c5baa17..acb4dd1 100644
--- a/src/libs/app.js
+++ b/src/libs/app.js
@@ -22,8 +22,11 @@ const mongoose = require(`${libs}/db/mongoose`);
 
 const db = mongoose();
 
+const expressValidator = require('express-validator');
+
 app.use(bodyParser.json());
-app.use(bodyParser.urlencoded({ extended: false }));
+app.use(bodyParser.urlencoded({ extended: true }));
+app.use(expressValidator());
 app.use(cookieParser());
 // Enable Cross-Origin Resource Sharing (CORS)
 app.use(cors());
diff --git a/src/libs/routes/message.js b/src/libs/routes/message.js
index ff7124b..308cecb 100644
--- a/src/libs/routes/message.js
+++ b/src/libs/routes/message.js
@@ -41,20 +41,29 @@ messageApp.put('/:id', (req, res, next) => {
 });
 
 messageApp.post('/', (req, res, next) => {
-    let message = new Message({
-        author: {
-            name: req.body.name,
-            email: req.body.email
-        },
-        contents: req.body.contents
-    });
-
-    message.save((err) => {
-        if(err) {
-            res.status(500).json({error: 'Erro do servidor', text: 'O servidor encontrou um erro ao processar a requisição', err});
+    req.checkBody('name', 'Nome é um campo obrigatório').notEmpty();
+    req.checkBody('email', 'Email é um campo obrigatório').notEmpty();
+    req.checkBody('contents', 'O conteúdo da mensagem é um campo obrigatório').notEmpty();
+    req.getValidationResult().then(function(result) {
+        if (!result.isEmpty()) {
+            res.status(400).send({errors: result.array()});
+            return;
         }
-        res.json(message);
-    })
+        let message = new Message({
+            author: {
+                name: req.body.name,
+                email: req.body.email
+            },
+            contents: req.body.contents
+        });
+
+        message.save((err) => {
+            if(err) {
+                res.status(500).json({error: 'Erro do servidor', text: 'O servidor encontrou um erro ao processar a requisição', err});
+            }
+            res.json(message);
+        });
+    });
 });
 
 module.exports = messageApp;
-- 
GitLab