2. Tutorials
  3. hapi — How to Use Query Parameters

hapi — How to Use Query Parameters

During the last weeks we’ve kicked off a new hapi server, extended its functionality with plugins, wrote our own custom plugin, added authentication and defined those authentication strategies to apply for your routes within a selected hapi server instance.

As you’ve recognized within the title, this tutorial is geared towards the handling of query parameters and shows you how to manage them within your app.

Before diving into the details, have a look at the series outline and find posts that match your interests and needs.

hapi Series Overview

  1. Get Your Server Up and Running
  2. v17 Upgrade Guide (Your Move to async/await)
  3. Become a Better Developer in 2018
  4. Become a Better Developer in 2017
  1. What You’ll Build
  2. Prepare Your Project: Stack & Structure
  3. Environment Variables and Storing Secrets
  4. Set Up MongoDB and Connect With Mongoose
  5. Sending Emails in Node.js
  6. Load the User’s Profile Picture From Gravatar Using Virtuals in Mongoose
  7. Implement a User Profile Editing Screen
  8. Generate a Username in Mongoose Middleware
  9. Displaying Seasons and Episodes for TV Shows with Mongoose Relationship Population
  10. Implementing Pagination for Movies
  11. Implement a Watchlist
  12. Create a Full Text Search with MongoDB
  1. Create a REST API with JSON Endpoints
  2. Update Mongoose Models for JSON Responses
  3. API Pagination for TV Shows
  4. Customize API Endpoints with Query Parameters
  5. Always Throw and Handle API Validation Errors
  6. Advanced API Validation With Custom Errors
  7. Create an API Documentation with Swagger
  8. Customize Your Swagger API Documentation URL
  9. Describe Endpoint Details in Your Swagger API Documentation
  10. 10 Tips on API Testing With Postman
  11. JWT Authentication in Swagger API Documentation
  12. API Versioning with Request Headers
  1. IP-Based Rate Limits (Part 1 of 7)
  2. Rate Limits for Routes (Part 2 of 7)
  3. Dynamic Rate Limits (Part 3 of 7)
  4. Render a “Rate Limit Exceeded” View (Part 4 of 7)
  5. Show “Rate Limit Exceeded” Error on Login (Part 5 of 7)
  6. Disable Rate Limiting (Part 6 of 7)
  7. Rate Limiter Refactoring & Cleanup (Part 7 of 7)
  1. API Login With Username and Password to Generate a JWT
  2. JWT Authentication and Private API Endpoints
  3. Refresh Tokens With JWT Authentication
  4. Create a JWT Utility
  5. JWT Refresh Token for Multiple Devices
  6. Check Refresh Token in Authentication Strategy
  7. Rate Limit Your Refresh Token API Endpoint
  8. How to Revoke a JWT
  9. Invalidate JWTs With Blacklists
  10. JWT Logout (Part 1/2)
  11. JWT “Immediate” Logout (Part 2/2)
  12. A Better Place to Invalidate Tokens
  13. How to Switch the JWT Signing Algorithm
  14. Roll Your Own Refresh Token Authentication Scheme
  15. JWT Claims 101
  16. Use JWT With Asymmetric Signatures (RS256 & Co.)
  17. Encrypt the JWT Payload (The Simple Way)
  18. Increase JWT Security Beyond the Signature
  19. Unsigned JSON Web Tokens (Unsecured JWS)
  20. JWK and JWKS Overview
  21. Provide a JWKS API Endpoint
  22. Create a JWK from a Shared Secret
  23. JWT Verification via JWKS API Endpoint
  24. What is JOSE in JWT
  25. Encrypt a JWT (the JWE Way)
  26. Authenticate Encrypted JWTs (JWE)
  27. Encrypted and Signed JWT (Nested JWT)
  28. Bringing Back JWT Decoding and Authentication
  29. Bringing Back JWT Claims in the JWT Payload
  1. How to Run Separate Frontend and Backend Servers Within a Single Project
  2. How to Use Server Labels
  3. How to Correctly Stop Your Server and Close Existing Connections
  1. Basic Authentication With Username and Password
  2. Authentication and Remember Me Using Cookies
  3. How to Set a Default Authentication Strategy
  4. Define Multiple Authentication Strategies for a Route
  5. Restrict User Access With Scopes
  6. Show „Insufficient Scope“ View for Routes With Restricted Access
  7. Access Restriction With Dynamic and Advanced Scopes
  8. hapi - How to Fix „unknown authentication strategy“
  9. Authenticate with GitHub And Remember the Login
  10. Authenticate with GitLab And Remember the User
  11. How to Combine Bell With Another Authentication Strategy
  12. Custom OAuth Bell Strategy to Connect With any Server
  13. Redirect to Previous Page After Login
  14. How to Implement a Complete Sign Up Flow With Email and Password
  15. How to Implement a Complete Login Flow
  16. Implement a Password-Reset Flow
  1. Views in hapi 9 (and above)
  2. How to Render and Reply Views
  3. How to Reply and Render Pug Views (Using Pug 2.0)
  4. How to Create a Dynamic Handlebars Layout Template
  5. Create and Use Handlebars Partial Views
  6. Create and Use Custom Handlebars Helpers
  7. Specify a Different Handlebars Layout for a Specific View
  8. How to Create Jade-Like Layout Blocks in Handlebars
  9. Use Vue.js Mustache Tags in Handlebars Templates
  10. How to Use Multiple Handlebars Layouts
  1. Extend Your Server Functionality With Plugins
  2. Create Your Own Custom Plugin
  3. How to Register Plugins for a Selected Server Instance
  4. hapi Plugin for Client Geo Location (by Future Studio 🚀)
  5. Increase Development Speed With Errors in the Browser or as JSON Response
  1. How to Access and Handle Request Payload
  2. Access Request Headers
  3. How to Manage Cookies and HTTP States Across Requests
  4. Detect and Get the Client IP Address
  5. How to Upload Files
  6. Quick Access to Logged In User in Route Handlers
  7. How to Fix “handler method did not return a value, a promise, or throw an error”
  8. How to Fix “X must return an error, a takeover response, or a continue signal”
  1. How to Reply a JSON Response
  2. How to Set Response Status Code
  3. How to Handle 404 Responses for Missing Routes
  1. Query Parameter Validation With Joi
  2. Path Parameter Validation With Joi
  3. Request Payload Validation With Joi
  4. Validate Query and Path Parameters, Payload and Headers All at Once on Your Routes
  5. Validate Request Headers With Joi
  6. Reply Custom View for Failed Validations
  7. Handle Failed Validations and Show Errors Details at Inputs
  8. How to Fix AssertionError, Cannot validate HEAD or GET requests
  1. Add CSRF Protection on Forms and API Endpoints
  1. Report Errors to Sentry
  2. Don’t Report Errors to Sentry in Development Mode
  3. Logging Fundamentals
  4. Log to Console With Good
  5. Log to File With Good
  1. Getting Started With Testing Using Lab and Code
  2. Run Tests with Assertions using Code
  3. Test Route Handlers by Injecting Requests
  4. Inject Request Payload, Headers and Parameters While Testing Route Handlers
  1. Zero-Downtime Deployments Using PM2

Access Query Parameters

Query parameters are a common way to pass information from clients to the server and of course you’re able to make use of query parameters in hapi, too. Let’s start out with a straight forward example based on the URL below:

https://futurestud.io?name=marcus

Dividing the URL into its different parts will result in the query parameter string of ?name=marcus. Query parameters in URLs are in the format of key=value. The first query parameter pair is indicated within the URL by using the question mark ? and any following pair is added by using the ampersand &.

In hapi, you can access query parameters using the request object. The request instance provides a field called query and by accessing it, you’ll receive an object with the parsed query parameters from your request’s URL. The code snippet below shows you how to access query parameters within a route handler.

hapi v17

server.route({  
  method: 'GET',
  path: '/',
  handler: (request, h) => {
    // access request’s query parameter
    const params = request.query

    console.log(params)
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/',
  handler: function (request, reply) {
    // access request’s query parameter
    var params = request.query

    console.log(params)

    reply()
  }
})

Based on the exemplary URL from the start of this section, the resulting query parameter object in hapi would look like this:

{
  name: 'marcus'
}

Because you’ve only provided a single parameter with key name and value marcus, the object contains just this single field. If you pass more parameters with different keys, each of them is available as an individual field. But what if we provide multiple query parameters with the same key? The following section shows you the details.

Multiple Query Parameters of the Same Name

You’ve seen how to access query parameters in hapi if you only provide a key once within your request URL. Let’s assume you’re using the following URL that specifies a name and two filter.

https://futurestud.io?name=marcus&filter=premium&filter=video

In the process of extending the Future Studio Blog to the upcoming Future Studio University, we’ve added functionality that allows you to filter tutorials based on its type and content. Currently, we have videos available for selected guides, but you can’t filter for them. That will be different within the next major release of our platform (no release date yet, sorry).

You’ve already seen how to access query parameters, let’s recap it again:

hapi v17

server.route({  
  method: 'GET',
  path: '/',
  handler: (request, h) => {
    // access request’s query parameter
    var params = request.query

    console.log(params)
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/',
  handler: function (request, reply) {
    // access request’s query parameter
    var params = request.query

    console.log(params)

    reply()
  }
})

Based on the sample URL in the beginning of this section, we’re expecting the query parameter object to have a field for name with value marcus and aren’t sure what happens to filter. Actually, you may have thought of a list with values and that’s exactly what hapi does and provides: a list of values for the key filter.

{
  name: 'marcus',
  filter: [
    'video',
    'premium'
  ]
}

Notice: please keep in mind that hapi provides the individual value for a given key if you only pass it once within the request URL. If you add the same key twice or more often, you’ll receive an array of values. Make sure your application is aware of this scenario and can handle it properly. Don’t let users crash your server by adding keys manually within the URL and you’re expecting just a single value but get caught up in an array.

Empty Query Parameter Values

There are various scenarios that can happen and your server received invalid or malformed data. But what happens if the value is missing for the query parameter key?

https://futurestud.io?name=&filter=video

You’ll receive an empty string value for name.

{
  name: '',
  filter: 'video
}

Query Parameters After Trailing Slash in Base URL

Adding query parameters to our base URL that doesn’t contain a trailing slash, browsers will add the trailing slash automatically. The functionality stays the same and query parameters get send properly with your request and parsed by hapi.

The following request URLs are actually the same:

https://futurestud.io?name=marcus  
# and
https://futurestud.io/?name=marcus

If you request a base URL without trailing slash and query parameters within your browser, it will automatically add it.

The evaluation of query parameters will stay the same for paths other than root and query parameters are valid for those URLs with trailing slash as well, like:

https://futurestud.io/blog/?filter=video

The difference between base URL and URL paths is this: browsers won’t add the trailing slash after your path segment automatically.

Outlook

This guide walked you through the handling of query parameters in hapi. Actually, it’s kind of straight forward, because you’ll receive the individual values already parsed as a JavaScript Object. Please make sure that your app handles empty (undefined|null|{}), single and arrays of values properly. Be cautious about the input within your implementation and look that your server doesn’t crash due to the query parameter values.

To close the realm of request parameters, you should get a grasp on path parameter handling including multi-segment and wildcard params.

We appreciate feedback and love to help you if there’s a question on your mind. Let us know in the comments or on twitter @futurestud_io.

Make it rock & enjoy coding!

Marcus Pöhls

Marcus is a fullstack JS developer. He’s passionate about the hapi framework for Node.js and loves to build web apps and APIs. Creator of Futureflix and the “learn hapi” learning path.

Explore the Library

Find interesting tutorials and solutions for your problems.

Android

Node.js

Server

Miscellaneous