add request validation to membership endpoint

package.json

@@ -25,6 +25,7 @@
     "cors": "^2.7.1",
     "express": "^4.11.0",
     "google-spreadsheet": "^2.0.4",
+    "joi": "^10.6.0",
     "lodash": "^3.10.1",
     "moment": "^2.18.1",
     "morgan": "^1.5.1",

routes/membership.js

@@ -4,10 +4,12 @@ var Promise           = require('bluebird');
 var GoogleSpreadsheet = require('google-spreadsheet');
 var async             = require('async');
 var moment            = require('moment');
+var Joi               = require('joi');
 
 var slack   = require('../services/slack');
 var config  = require('../lib/config');
 var stripe  = require('stripe')(config.stripe.secretKey);
+var validateRequest = require('../utils/validateRequest');
 
 function log(message) {
   console.log(message);
@@ -54,7 +56,21 @@ module.exports = function (app) {
    * POST /membership
    * Endpoint for adding a new member to the association
    */
-  app.post('/membership', function(req, res, next) {
+
+  const schema = Joi.object().keys({
+    userInfo: Joi.object().keys({
+      name: Joi.string().required(),
+      email: Joi.string().email().required(),
+      handle: Joi.string().required(),
+      address: Joi.string().required(),
+      city: Joi.string().required(),
+      postcode: Joi.string().required()
+    }),
+    stripeToken: Joi.string().required()
+  })
+
+  app.post('/membership', validateRequest(schema), function(req, res, next) {
+
     console.log(`Start membership addition with body: ${JSON.stringify(req.body)}`);
 
     stripe.charges.create({

utils/validateRequest.js

@@ -0,0 +1,12 @@
+var Joi = require('joi');
+
+module.exports = function validateRequest(schema) {
+  return function handler(req, res, next) {
+    Joi.validate(req.body, schema, function (err, value) {
+      if(err) {
+        return res.status(400).send(err.details)
+      }
+      next();
+    });
+  }
+}