Global Feathers hooks and event filters

Guilherme Vieira Source

In Express, it's very easy to block access to all routes starting, say, with the /admin prefix, simply by adding a middleware to that path before adding handlers for any specific endpoints under that path.

In Feathers, it looks like we have to create some common hook modules and add them to every service we created, individually. Same goes for event filters.

I find the thought of forgetting to add an authentication hook or event filter scary, because I wouldn't notice the mistake unless I reviewed all service initialization code or got hacked. In that sense, an Express middleware with some sort of white-listing I can easily implement for exceptional endpoints gives me much more peace of mind.

Is it possible to do something like that in Feathers?

(P.S.: I just noticed I had protected my app's REST API, but had forgotten to protect all real-time events).



answered 2 years ago Daff #1

As of v1.6.0 feathers-hooks supports application hooks that run on all services via app.hooks:

  before(hook) {
    console.log('Global before hook');

  after(hook) {
    console.log('Global after hook');

  error(hook) {
    console.error(`Error in ${hook.path} method ${hook.method}`, hook.error.stack);

For more examples see this blog post about error and application hooks.

As for the real-time events, the new generator will also try to create as safe defaults as possible (e.g. by generating a default filter that shows a warning to register more specific filters).

comments powered by Disqus