1

The Nodejs functions return an error from try/catch scope, such as the one below if the user doesn't exist of if a database is not reachable:

router.delete('/delete/:email', async (req, res) => {
  var email = req.params.email;
  try {
    let result = await User.remove({"email": email});    
    res.status(204).send(email);
  } catch (err) {
    res.status(400).send(err);
  }
});

I can also return the Error from Nodejs server by myself:

return res.status(400).send(new Error(`The user with email ${email} doesn't exist.`));

The first problem is that I can't find the error message that is embedded somewhere deep in the body the returned Error object. It is stored in one of its 100+ attributes. Where should I look for it so I could display in on a screen for the end user to read it?

Then, the err object generated by the try/catch scope has a set of different attributes comparing to the Error object created with new Error("Here is my error message"). Is there a way to normalize the returned Errors so they all have the same or similar attributes?

Improve this question
4
  • did you used try catch also in angular's api call ? If you did then you should check err.response at catch block. Commented Aug 20, 2020 at 3:37
  • One Way to show logical errors efficiently always use status code 200 and create a generic JSON object for error using same attributes like err,message,code,stack etc.And show accordingly them at frontend. Commented Aug 20, 2020 at 3:40
  • Yes I did. It is hard to define the handleErrors function in Angular that is called by the catch scope because the Error objects passed to it all have different attributes. Commented Aug 20, 2020 at 3:41
  • Please post your response as an answer so we could vote it. Please illustrate your ideas with the supporting code. Commented Aug 20, 2020 at 3:42

2 Answers 2

Reset to default
1

You don't need to return the whole error object from the server, and arguably shouldn't since error messages can expose internals about your code and infrastructure.

One way you could handle this is to format and return an error message from the server yourself. Assuming you're using express this would look something like:

return res.status(400).json({ message: `The user with email ${email} doesn't exist.` });

Alternatively you could use an error handling middleware like strong-error-handler found here: https://github.com/strongloop/strong-error-handler which automatically builds a json formatted message that's easier to parse, but keep in mind that the content of the message differs depending on whether you set debug mode to true or no.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

If you want to develop a secure web application with nice error handling, i will suggest you the following structure.

Step 1. At front end divide your api calls in four main operations for e.g. inset,update,query and filter.

now whenever your page loads and you want to show some data fetched from server then your api call must be like 'https://domainname.tld/server/query' and send some payload with this api call according to need of your data requirements to be fetched.

At backend probably at Server.js handle like this :

app.all("/server/query", function (req, res) {
try {
    console.log(a);
    // some database or io blocking process
} catch (error) {
    // error handling
    var err = writeCustomError(error.message || error.errmsg || error.stack);
    res.status(417).json(err).end();
}

});

function writeCustomError(message) {
var errorObject = {};
errorObject.message = message;
errorObject.code = 10001; // as you want
errorObject.status = "failed";
return errorObject;

}

in try block you can also handle logical errors using same function i.e writeCustomError

So if you use this approach you can also implement end-to-end encryption and send only eP('encrypted payload') and eK('encryption Key'),by doing this end users and bad end users even can not evaluate your serve API calls.

If you are thinking how will you route different paths at server then simplest solution is send uri in payload from client to server for e.g

User wants to reset password :-

then

call api like this

https://domain.tld/server/execute and send Json object in payload like this {uri:"reset-password",old:"",new:""}.

at backend

use

app.all("/server/execute", function (req, res) {
try {
    // decrypt payload
    req.url = payload.uri;
    next();
} catch (error) {
    // error handling
    var err = writeCustomError(error.message || error.errmsg || error.stack);
    res.status(417).json(err).end();
}

});

app.all("/reset-password", function (req, res) {
try {
    // reset logic
} catch (error) {
    // error handling
    var err = writeCustomError(error.message || error.errmsg || error.stack);
    res.status(417).json(err).end();
}

});

so in this way only developer know where password reset logic and how it can called and what parameters are required.

I will also suggest you to create different router files for express like QueryRouter,InsertRouter etc.

Also try to implement end-to-end encryption.Any query regarding post,kindly comment it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.