常用包
- 框架:
yarn add express - 数据库链接:
yarn add sequelize
yarn add mysql2 - 处理 favicon:
yarn add serve-favicon - 纪录日志:
yarn add morgan - 生成文档:
yarn add --dev apidoc - 解析请求参数:
yarn add body-parser - 设置 HTTP 头(提高安全性):
yarn add helmet - 文件变动监控(自动重启):
yarn add --dev nodemon (启动服务器脚本中替换 node 即可) - 允许 cors 请求:
yarn add cors - 压缩数据:
yarn add compression - 响应时间:
yarn add response-time - 数据伪造:
yarn add faker
– 数据验证:
yarn add express-validator - 进程管理:
yarn add --dev pm2
带重启(nodemon用于开发环境),日志,负载均衡
serve-favicon
优点:把请求 favicon 的记录从日志中去除。缓存 icon 提高性能。使用兼容性最好的 Content-Type。
使用方式:
var favicon = require('serve-favicon')
app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')))
morgan
使用方式:
var morgan = require('morgan')
app.use(morgan('combined')) //参数可选 dev tiny 或自定义输出日志格式,详见文档
// 导出日志文件
var express = require('express')
var fs = require('fs')
var morgan = require('morgan')
var path = require('path')
var app = express()
// create a write stream (in append mode)
var accessLogStream = fs.createWriteStream(path.join(__dirname, 'access.log'), {flags: 'a'})
// setup the logger
app.use(morgan('combined', {stream: accessLogStream}))
body-parser
使用方式:
var bodyParser = require('body-parser')
// parse application/x-www-form-urlencoded
app.use(bodyParser.urlencoded({ extended: false }))
//设置 false 使用 querystring 解析,处理 ajax 提交的复杂数据更在行。(true 使用 qs 解析)
// parse application/json
app.use(bodyParser.json())
apidoc
使用方式:
生成文档命令: apidoc -i routes/ -o doc/
( routes 是程序入口,doc 是文档出口)
注释示例:
/**
* @api {get} /user/:id Read data of a User
* @apiVersion 0.3.0
* @apiName GetUser
* @apiGroup User
* @apiPermission admin
*
* @apiDescription Compare Verison 0.3.0 with 0.2.0 and you will see the green markers with new items in version 0.3.0 and red markers with removed items since 0.2.0.
*
* @apiParam {String} id The Users-ID.
*
* @apiSuccess {String} id The Users-ID.
* @apiSuccess {Date} registered Registration Date.
* @apiSuccess {Date} name Fullname of the User.
* @apiSuccess {String[]} nicknames List of Users nicknames (Array of Strings).
* @apiSuccess {Object} profile Profile data (example for an Object)
* @apiSuccess {Number} profile.age Users age.
* @apiSuccess {String} profile.image Avatar-Image.
* @apiSuccess {Object[]} options List of Users options (Array of Objects).
* @apiSuccess {String} options.name Option Name.
* @apiSuccess {String} options.value Option Value.
*
* @apiError NoAccessRight Only authenticated Admins can access the data.
* @apiError UserNotFound The <code>id</code> of the User was not found.
*
* @apiErrorExample Response (example):
* HTTP/1.1 401 Not Authenticated
* {
* "error": "NoAccessRight"
* }
*/
helmet
var express = require('express')
var helmet = require('helmet')
var app = express()
app.use(helmet())
cors
使用方式:
// 允许所有跨域请求
var express = require('express')
var cors = require('cors')
var app = express()
app.use(cors())
// 允许某路由的跨域请求
app.get('/products/:id', cors(), function (req, res, next) {
res.json({msg: 'This is CORS-enabled for a Single Route'})
})
// 允许某些域的请求
var whitelist = ['http://example1.com', 'http://example2.com']
var corsOptions = {
origin: function (origin, callback) {
if (whitelist.indexOf(origin) !== -1) {
callback(null, true)
} else {
callback(new Error('Not allowed by CORS'))
}
}
}
app.get('/products/:id', cors(corsOptions), function (req, res, next) {
res.json({msg: 'This is CORS-enabled for a whitelisted domain.'})
})
// 允许 GET/POST 以外的请求
app.options('/products/:id', cors()) // enable pre-flight request for DELETE request
app.del('/products/:id', cors(), function (req, res, next) {
res.json({msg: 'This is CORS-enabled for all origins!'})
})
// 对所有路由允许
app.options('*', cors()) // include before other routes
compression
使用方式:
var compression = require('compression')
var express = require('express')
var app = express()
app.use(compression({filter: shouldCompress}))
function shouldCompress (req, res) {
if (req.headers['x-no-compression']) {
// don't compress responses with this request header
return false
}
// fallback to standard filter function
return compression.filter(req, res)
}
response-time
使用方式:
该中间件将响应时间写在响应头 X-Response-Time
中
var express = require('express')
var responseTime = require('response-time')
var app = express()
// 统计响应进入该中间件到写完响应头的毫秒数
app.use(responseTime())
express-validator
// 初始化
app.use(expressValidator())
// this line must be immediately after any of the bodyParser middlewares!
// 检查参数是否符合标准
req.check('testparam', 'Error Message').notEmpty().isInt()
// 将参数转化为
req.sanitize('postparam').toBoolean()
// 返回验证结果
req.getValidationResult().then(function(result) {
// do something with the validation result
})
pm2
pm2 start app.js --name="api" # Start application and name it "api"
pm2 stop all # Stop all apps
pm2 logs # Display logs of all apps
pm2 web 后访问 http://localhost:9615/ # 查看系统状态