Most Node.js frameworks require passing an object that represents the current HTTP request through every layer of the application. This is most visible in Express.js-based applications:
// TODO middleware example
Other frameworks create a wrapper object around the raw Node.js request:
// TODO hapi link
But at the end of the day, developers end up passing bloated objects representing the request through their codebase. For instance, let’s say I have a method that authenticates a user; one can expect the signature of such a function to be:
function auth(username: string, password: string): Promise
Let’s say that this method needs to log login failures; one could add a logger line to it:
// TODO log line
But now, for audit reasons, the developer is required to log the user agent of the client trying to authenticate, but only when there is an authentication failure. A couple of solutions appear:
- Logging in the controller, and not generating any log from the auth function
- Passing the user agent to auth, only for potential logging purposes
- Passing the whole request object to the logging method, allowing it to perform any side effect it wants on it (like arbitrarily changing the value of a field of that object)
Most frameworks have decided to go along with this constraint and provide a way to pass the current request to an auth method:
- Passport-basic: https://github.com/jaredhanson/passport-http/blob/master/lib/passport-http/strategies/basic.js#L95
- hapi-auth-basic: https://github.com/hapijs/hapi-auth-basic
What should a Node.js application look like then? This pattern seems to have been part of Node.js culture since the beginning, and most developers will just consider it a nodism that will stay around.
I don’t think so. I believe it is time we provide a storage API in Node.js that would let users retrieve the current HTTP request from any part of the codebase. There are several userland implementations of this, but eventually it should be part of Node.js core in order to provide a unique, safe and standard way to store transactional data.
(side note https://twitter.com/matteocollina/status/1067847965660930050)
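The audit-logging case above, written against `AsyncLocalStorage` from the `async_hooks` module of Node.js core, as an added example that is not code from the original post. `handleLogin`, `checkCredentials`, `cleanUserAgent`, `auditLog` and the sample credentials are hypothetical names and values constructed for the illustration.

```javascript
const { AsyncLocalStorage } = require('async_hooks');

// One store for the process; run() gives each request its own isolated context.
const requestContext = new AsyncLocalStorage();
const auditLog = []; // stand-in for a real logger (constructed for this example)

// The user agent is client-controlled: strip control characters and cap the
// length so it cannot forge or flood log entries.
function cleanUserAgent(value) {
  return String(value || 'unknown').replace(/[\x00-\x1f\x7f]/g, '').slice(0, 256);
}

// Constructed credential check; a real one would verify a password hash.
async function checkCredentials(username, password) {
  await new Promise((resolve) => setImmediate(resolve)); // simulate async I/O
  return username === 'alice' && password === 'correct horse';
}

// Same parameters as the article's auth(): no request object is passed in.
async function auth(username, password) {
  const ok = await checkCredentials(username, password);
  if (!ok) {
    const ctx = requestContext.getStore(); // undefined outside a request
    auditLog.push({
      event: 'login_failure',
      username,
      userAgent: ctx ? ctx.userAgent : 'unknown',
    });
  }
  return ok;
}

// Hypothetical per-request entry point, as a framework controller would be.
function handleLogin(req, username, password) {
  // Store a frozen copy of the one field needed, not the request itself, so
  // deeper layers cannot mutate the request as a side effect.
  const ctx = Object.freeze({ userAgent: cleanUserAgent(req.headers['user-agent']) });
  return requestContext.run(ctx, () => auth(username, password));
}
```

Concurrent requests each see only their own context, and `auth` called outside any request logs `unknown` rather than failing.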