Skip to content

Confidential properties (that are not serialized in .toJSON) #2

Description

@peritus

Hey,

here's what I monkey-patched in my project that is using node-api-problem:

// monkey patching 🐒
ApiProblem.prototype.toJSON = function toJSON () {
  const obj = {};
  for (const key in this) {
    if ({}.hasOwnProperty.call(this, key) && key !== 'confidential') {
      obj[key] = this[key];
    }
  }
  return obj;
};

Here's my motivation:

There are two way's the backend reports errors:

  1. to the user, using res.send(err.toJSON());, etc.
  2. to our internal error reporting

both of these have a different purpose / detail level, e.g.

  1. the consumer of the API will only get to know that something went wrong, some details that could help with debugging, but it's mostly very sparse and with generic error messages
  2. the internal reporting has lots of details, i. e. what went wrong, why, the causing error, the log level, the user record, request id, extra debugging data, etc.

Using the above monkey patch, we store the confidential information inside the ApiProblem instance from the moment that instance is created and are able to do the error reporting / logging in the express middleware.

Could node-api-problem support the use case described above without the need for a monkey patch ?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions