34 lines
969 B

function sanitize( req, sanitizers, cb ){
// init an object to store clean (sanitized) input parameters if not initialized
req.clean = req.clean || {};
// init errors and warnings arrays if not initialized
req.errors = req.errors || [];
req.warnings = req.warnings || [];
// source of input parameters
// (in this case from the GET querystring params)
var params = req.query || {};
for (var s in sanitizers) {
var sanity = sanitizers[s]( params, req.clean );
// if errors occurred then set them
// on the req object.
if( sanity.errors.length ){
req.errors = req.errors.concat( sanity.errors );
}
// if warnings occurred then set them
// on the req object.
if( sanity.warnings.length ){
req.warnings = req.warnings.concat( sanity.warnings );
}
}
// @todo remove these args, they do not need to be passed out
return cb( undefined, req.clean );
}
// export function
module.exports = sanitize;