how do I send complex criteria in a get request?

I have this db where I need to fetch a certain data from a certain table, and I want that data to be filtered depending on the client's needs. and the filtration goes like this.
const body = {
props: ['title', 'id', 'qrCode'],
filters: {hash: 'soemrandomasshash', providerID: 'somerandomassid'}
}
const body = {
props: ['title', 'id', 'qrCode'],
filters: {hash: 'soemrandomasshash', providerID: 'somerandomassid'}
}
so I have to filter what the response should be, as well as I filter the rows of that db. and I find it really stupid to use get request for this. I've read that you should always use get when fetching data. but currently my route is like this:
app.post('get/item', somerandomasscallback)
app.post('get/item', somerandomasscallback)
I know it's a bad practice. so what do I do? chromium won't let me use the body of the get method. I didn't read about this... but I think it's so stupid. I mean why not just let me structure my stuff in a stupid body.
6 Replies
Christoph
Christoph3y ago
I don't quite follow where you're having problems as you're talking about database queries and api requests in the same sentence. General thoughts: 1) Why not filter in the database query itself? You shouldn't have to filter what you get from a SQL query. 2) GET doesn't have a body. Only parameters. Why can't you pass the data as GET parameters? 3) Don't think too much about what you 'should' do and think about what makes sense for the end-user of that api. If POST fits better, use POST. I'm happy to help more if you post some code to review.
venego
venegoOP3y ago
oh I'm bad at explaining my problem. - the thing is a client needs a really specific data from the server, therefore the clients needs to send the body object above. since it's the proper way I see you get that really specific data. and I though that must go in a the body property. - then the server would take that object and make a query out of it, and that query is going to get the specific data needed. so how do I make the body object above fit into GET parameters? do I just stringify it? it's not that big, so it can definitely be sent as a GET parameter. I'm I gonna brake the standards if I just used the parameters on all the CRUD methods? just wanna make things consistent. although not clean but I'm going to abstract it.
Christoph
Christoph3y ago
It looks like you‘re using Express. You can simply pass your data as http://localhost:4000/?fields=title&fields=id&fields=qrCode&hash=abc&provider=123 And inside app.get you‘ll find it in req.query Is that what you're looking for?
venego
venegoOP3y ago
well, that's what I'm trying to avoid, it's not clean at all. it's gonna make my code ugly. since I do a loop through those fields add them to the prisma's query object:
let query = {data: {where: {username}, select: {}}};
// loops through the props
reqBody.props.forEach((prop) => {
query.select[prop] = true;
});
// loops through the filters
const filters = Object.keys(reqBody.filters);
filters.forEach((filterKey) => {
if (filterKey != 'username') {// prevents ront-end specifying the user front-end
query.where[filterKey] = getTrueType(filterKey, reqBody.filters[filterKey]);
}
});
return prismaQuery('findMany', table, query);// this returns the prisma promise to the controller

let query = {data: {where: {username}, select: {}}};
// loops through the props
reqBody.props.forEach((prop) => {
query.select[prop] = true;
});
// loops through the filters
const filters = Object.keys(reqBody.filters);
filters.forEach((filterKey) => {
if (filterKey != 'username') {// prevents ront-end specifying the user front-end
query.where[filterKey] = getTrueType(filterKey, reqBody.filters[filterKey]);
}
});
return prismaQuery('findMany', table, query);// this returns the prisma promise to the controller

I'm trying to make things more generic. but... in your suggestion... isn't that gonna override the fields parameter?
Christoph
Christoph3y ago
It shouldn't. Thats an ExpressJS thing. Your code could look cleaner using Array.map. Maybe you already du, but for the sake of it: Make sure you validate the user input before using it in a query.
venego
venegoOP3y ago
yh I follow best practices thanks
Want results from more Discord servers?
Add your server