How to find the Error message in Error object send by NodeJS in Angular

Question

The Nodejs functions return an error from try/catch scope, such as the one below if the user doesn't exist of if a database is not reachable:

router.delete('/delete/:email', async (req, res) => {
  var email = req.params.email;
  try {
    let result = await User.remove({"email": email});    
    res.status(204).send(email);
  } catch (err) {
    res.status(400).send(err);
  }
});

I can also return the Error from Nodejs server by myself:

return res.status(400).send(new Error(`The user with email ${email} doesn't exist.`));

The first problem is that I can't find the error message that is embedded somewhere deep in the body the returned Error object. It is stored in one of its 100+ attributes. Where should I look for it so I could display in on a screen for the end user to read it?

Then, the err object generated by the try/catch scope has a set of different attributes comparing to the Error object created with new Error("Here is my error message"). Is there a way to normalize the returned Errors so they all have the same or similar attributes?

Answer 1

If you want to develop a secure web application with nice error handling, i will suggest you the following structure.

Step 1. At front end divide your api calls in four main operations for e.g. inset,update,query and filter.

now whenever your page loads and you want to show some data fetched from server then your api call must be like 'https://domainname.tld/server/query' and send some payload with this api call according to need of your data requirements to be fetched.

At backend probably at Server.js handle like this :

app.all("/server/query", function (req, res) {
try {
    console.log(a);
    // some database or io blocking process
} catch (error) {
    // error handling
    var err = writeCustomError(error.message || error.errmsg || error.stack);
    res.status(417).json(err).end();
}

});

function writeCustomError(message) {
var errorObject = {};
errorObject.message = message;
errorObject.code = 10001; // as you want
errorObject.status = "failed";
return errorObject;

}

in try block you can also handle logical errors using same function i.e writeCustomError

So if you use this approach you can also implement end-to-end encryption and send only eP('encrypted payload') and eK('encryption Key'),by doing this end users and bad end users even can not evaluate your serve API calls.

If you are thinking how will you route different paths at server then simplest solution is send uri in payload from client to server for e.g

User wants to reset password :-

then

call api like this

https://domain.tld/server/execute and send Json object in payload like this {uri:"reset-password",old:"",new:""}.

at backend

use

app.all("/server/execute", function (req, res) {
try {
    // decrypt payload
    req.url = payload.uri;
    next();
} catch (error) {
    // error handling
    var err = writeCustomError(error.message || error.errmsg || error.stack);
    res.status(417).json(err).end();
}

});

app.all("/reset-password", function (req, res) {
try {
    // reset logic
} catch (error) {
    // error handling
    var err = writeCustomError(error.message || error.errmsg || error.stack);
    res.status(417).json(err).end();
}

});

so in this way only developer know where password reset logic and how it can called and what parameters are required.

I will also suggest you to create different router files for express like QueryRouter,InsertRouter etc.

Also try to implement end-to-end encryption.Any query regarding post,kindly comment it.

Answer 2

You don't need to return the whole error object from the server, and arguably shouldn't since error messages can expose internals about your code and infrastructure.

One way you could handle this is to format and return an error message from the server yourself. Assuming you're using express this would look something like:

return res.status(400).json({ message: `The user with email ${email} doesn't exist.` });

Alternatively you could use an error handling middleware like strong-error-handler found here: https://github.com/strongloop/strong-error-handler which automatically builds a json formatted message that's easier to parse, but keep in mind that the content of the message differs depending on whether you set debug mode to true or no.