cdimascio/express-openapi-validator

GitHub: cdimascio/express-openapi-validator

一个 Express 中间件库,通过 OpenAPI 3.0/3.1 规范自动验证 API 请求和响应的合法性。

Stars: 1002 | Forks: 235

# express-openapi-validator [![build workflow](https://static.pigsec.cn/wp-content/uploads/repos/2026/04/d00bbb6ab7103638.svg)](#) [![](https://img.shields.io/npm/v/express-openapi-validator.svg)](https://www.npmjs.com/package/express-openapi-validator) [![](https://img.shields.io/npm/dm/express-openapi-validator?color=blue)](https://www.npmjs.com/package/express-openapi-validator) [![All Contributors](https://img.shields.io/github/contributors/cdimascio/express-openapi-validator )](#contributors) [![Coverage Status](https://coveralls.io/repos/github/cdimascio/express-openapi-validator/badge.svg?branch=master)](https://coveralls.io/github/cdimascio/express-openapi-validator?branch=master) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/1570a06f609345ddb237114bbd6ceed7)](https://www.codacy.com/manual/cdimascio/express-openapi-validator?utm_source=github.com&utm_medium=referral&utm_content=cdimascio/express-openapi-validator&utm_campaign=Badge_Grade) [![](https://img.shields.io/gitter/room/cdimascio-oss/community?color=%23eb205a)](https://gitter.im/cdimascio-oss/community) [![Gitpod Ready-to-Code](https://img.shields.io/badge/Gitpod-Ready--to--Code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/cdimascio/express-openapi-validator) [![](https://img.shields.io/badge/documentation-yes-informational)](https://cdimascio.github.io/express-openapi-validator-documentation/) [![](https://img.shields.io/badge/license-MIT-blue.svg)](#license) **一个用于 ExpressJS 的 OpenApi 验证器**,可自动使用 **OpenAPI 3** 规范验证 **API** _**请求**_ 和 _**响应**_。

[🦋express-openapi-validator](https://github.com/cdimascio/express-openapi-validator) 是一个无偏见的库,可与新的和现有的 API 应用程序集成。express-openapi-validator 让你按自己的方式编写代码;它不强制任何编码约定或项目布局。只需将验证器安装到你的 express 应用上,指向你的 **OpenAPI 3.0.x** 或 **3.1.x** 规范,然后按你喜好的方式定义和实现路由。查看[示例](https://cdimascio.github.io/express-openapi-validator-documentation/guide-standard/)。 **功能:** - ✔️ 请求验证 - ✔️ 响应验证(仅支持 json) - 👮 安全验证 / 自定义安全函数 - 👽 第三方 / 自定义格式 / 自定义数据序列化反序列化 - 🧵 可选自动将 OpenAPI 端点映射到 Express 处理函数 - ✂️ **$ref** 支持;将规范拆分到多个文件 - 🎈 文件上传 - ✏️ OpenAPI 3.0.x 和 3.1.x 规范支持 - ✨ Express 4 和 5 支持 **文档:** - 📖 [文档](https://cdimascio.github.io/express-openapi-validator-documentation/) [Express 5](https://expressjs.com/en/5x/api.html) 支持在 `>=v5.5.0` 中可用! [OAS 3.1](https://github.com/cdimascio/express-openapi-validator/pull/882) 支持在 `>=v5.4.0` 中可用! [NestJS](https://github.com/cdimascio/express-openapi-validator/tree/master/examples/9-nestjs) [Koa](https://github.com/cdimascio/express-openapi-validator/tree/lerna-fastify/packages/koa-openapi-validator) 和 [Fastify](https://github.com/cdimascio/express-openapi-validator/tree/lerna-fastify/packages/fastify-openapi-validator) 现已可用!🚀 ## 安装 ``` npm install express-openapi-validator ``` ## 使用方法 1. 引入/导入 openapi 验证器 ``` const OpenApiValidator = require('express-openapi-validator'); ``` 或者 ``` import * as OpenApiValidator from 'express-openapi-validator'; ``` 2. 安装中间件 ``` app.use( OpenApiValidator.middleware({ apiSpec: './openapi.yaml', validateRequests: true, // (default) validateResponses: true, // false by default }), ); ``` 3. 注册错误处理器 ``` app.use((err, req, res, next) => { // format error res.status(err.status || 500).json({ message: err.message, errors: err.errors, }); }); ``` _**重要:** 确保 express 配置了所有相关的 body 解析器。Body 解析器中间件函数必须在任何被验证的路由之前指定。查看[示例](#example-express-api-server)_。 ## [文档](https://cdimascio.github.io/express-openapi-validator-documentation/) 查看[文档](https://cdimascio.github.io/express-openapi-validator-documentation/)以获取完整的文档 _已弃用_ [旧文档](https://github.com/cdimascio/express-openapi-validator/wiki) ## 许可证 [MIT](LICENSE Buy Me A Coffee
标签:API安全, API密钥检测, API规范, API验证, ExpressJS, Express中间件, GNU通用公共许可证, JSON输出, JSON验证, MITM代理, Node.js, OpenAPI, OpenAPI 3.0, OpenAPI 3.1, REST API, Swagger, Web框架, 中间件, 响应验证, 数据可视化, 数据验证, 自动化攻击, 自动验证, 请求验证, 输入验证