Express.js Adapter
The @zenstackhq/server/express module provides a quick way to install a full set of CRUD API onto Express.js apps. Combined with ZenStack's powerful access policies, you can achieve a secure data backend without manually coding it.
Installation​
- npm
- pnpm
- bun
- yarn
npm install @zenstackhq/server@next
pnpm add @zenstackhq/server@next
bun add @zenstackhq/server@next
yarn add @zenstackhq/server@next
Mounting the API​
You can integrate ZenStack into your project with the ZenStackMiddleware express middleware:
import express from 'express';
import { ZenStackMiddleware } from '@zenstackhq/server/express';
import { RPCApiHandler } from '@zenstackhq/server/api';
import { getSessionUser } from '~/auth';
import { client } from '~/db';
import { schema } from '~/zenstack/schema';
const app = express();
app.use(express.json());
app.use(
'/api/model',
ZenStackMiddleware({
apiHandler: new RPCApiHandler({ schema }),
// getSessionUser extracts the current session user from the request, its
// implementation depends on your auth solution
getClient: (request) => client.$setAuth(getSessionUser(request)),
})
);
The Express.js adapter takes the following options to initialize:
-
getClient (required)
(request: Request, response: Response) => ClientContract<Schema> | Promise<ClientContract<Schema>>
A callback for getting a ZenStackClient instance for talking to the database. Usually you'll return a client instance with access policy enabled and user identity bound.
-
apiHandler (required)
ApiHandler
The API handler instance that determines the API specification.
-
sendResponse (optional)
boolean
Controls if the middleware directly sends a response. If set to false, the response is stored in the
res.localsobject and then the middleware calls thenext()function to pass the control to the next middleware. Subsequent middleware or request handlers need to make sure to send a response.Defaults to
true.
Error Handling​
Refer to the specific sections for RPC Handler and RESTful Handler.