# Validation
ExpressWebJs makes it easy to validate user input with the help of it's validation feature, let's look at a complete example of validating a form and displaying the error messages back to the user.
# Defining The Routes
First, let's assume we have a post route defined in our Routes/api.js file:
Route.post("post", "UserController@store");
Copied!
The POST route will store user data in the database.
# Writing The Validation Logic
To create our validation to validate user data, we do that with the Maker command
node maker make-request UserValidator
Copied!
This will generate our UserValidator class in App/Http/Requests folder. If this folder is not there, it will create it for us.
Our generated UserValidator class in UserValidator_request.js file looks like so:
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { //validation rules. }); } } module.exports = new UserValidator();
Copied!
We can now create our validation rules in the validation rules section in validate method like so:
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { first_name: "required|string", last_name: "required|string", phone: "required|max:14", email: "required|string|email|max:255", country: "required|string|max:255", city: "required|string|max:255", industry: "required|string|max:255", }); } } module.exports = new UserValidator();
Copied!
# Using validation in controller
We can now use our UserValidator in UserController like so:
"use strict"; const userValidator = require("@request/UserValidator_request"); class UserController { store = async (req, res, next) => { try { let validator = await userValidator.validate(req.body); if (validator.success) { //continue processing your data } else { return res.status(400).json(validator); } } catch (error) { return next(error); } }; } module.exports = UserController;
Copied!
# Working With Nested Rules
Nested objects can also be validated. There are two ways to declare validation rules for nested objects. The first way is to declare the validation rules with a corresponding nested object structure that reflects the data. The second way is to declare validation rules with flattened key names. Let's say our request data looks like so:
let data = { name: "Alex", bio: { age: 27, education: { primary: "Elementary School", secondary: "Secondary School", }, }, };
Copied!
We could declare our validation rules as follows:
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { name: "required", bio: { age: "min:18", education: { primary: "string", secondary: "string", }, }, }); } } module.exports = new UserValidator();
Copied!
// Or using flattened key names
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { "name": "required", "bio.age": "min:18", "bio.education.primary": "string", "bio.education.secondary": "string", }); } } module.exports = new UserValidator();
Copied!
# WildCards Rules
WildCards can also be validated.
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { "users.*.name": "required", "users.*.bio.age": "min:18", "users.*.bio.education.primary": "string", "users.*.bio.education.secondary": "string", }); } } module.exports = new UserValidator();
Copied!
# Regex validation
In regex validation, the field under validation must match the given regular expression.
Note: When using the regex pattern, it may be necessary to specify rules in an array instead of using pipe delimiters, especially if the regular expression contains a pipe character. For each backward slash that you used in your regex pattern, you must escape each one with another backward slash.
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { name: "required|size:3", salary: [ "required", "regex:/^(?!0\\.00)\\d{1,3}(,\\d{3})*(\\.\\d\\d)?$/", ], yearOfBirth: ["required", "regex:/^(19|20)[\\d]{2,2}$/"], }); } } module.exports = new UserValidator();
Copied!
# Type Checking Validation
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make(data, { age: ["required", { in: [29, 30] }], name: [{ required_if: ["age", 30] }], }); } } module.exports = new UserValidator();
Copied!
# Custom Error Messages
If you need a specific error message and you don't want to override the default one, you can pass an override as the third argument to the make object.
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make( data, { name: "required", }, { required: "You forgot to give a :attribute" }, ); } } module.exports = new UserValidator();
Copied!
If the validation failes, the error message will be 'You forgot to give a name'.
Some of the validators have string and numeric versions. You can change them too.
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make( data, { username: "max:16", }, { max: { string: "The :attribute is too long. Max length is :max.", }, }, ); } } module.exports = new UserValidator();
Copied!
If the validation failes, the error message will be 'The username is too long. Max length is 16.'
You can even provide error messages on a per attribute basis! Just set the message's key to 'validator.attribute'
"use strict"; const FormRequest = require("@elucidate/formRequest"); class UserValidator extends FormRequest { /** * Handle the request validation. * @param {*} data | e.g request body */ async validate(data) { return await this.make( data, { email: "required", }, { "required.email": "Without an :attribute we can't reach you!" }, ); } } module.exports = new UserValidator();
Copied!
If the validation failes, the error message will be "Without an email we can't reach you!"
# Available Validation Rules
Below is a list of all available validation rules and their function:
Note: Validation rules do not have an implicit 'required'. If a field is undefined or an empty string, it will pass validation. If you want a validation to fail for undefined or '', use the required rule.
Rule | Function |
---|---|
accepted | The field under validation must be yes, on, 1 or true. This is useful for validating "Terms of Service" acceptance. |
after:date | The field under validation must be after the given date. |
after_or_equal:date | The field unter validation must be after or equal to the given field. |
alpha | The field under validation must be entirely alphabetic characters. |
alpha_dash | The field under validation may have alpha-numeric characters, as well as dashes and underscores. |
alpha_num | The field under validation must be entirely alpha-numeric characters. |
array | The field under validation must be an array. |
before:date | The field under validation must be before the given date. |
before_or_equal:date | The field under validation must be before or equal to the given date. |
between:min,max | The field under validation must have a size between the given min and max. Strings, numerics, and files are evaluated in the same fashion as the size rule. |
boolean | The field under validation must be a boolean value of the form true, false, 0, 1, 'true', 'false', '0', '1' |
confirmed | The field under validation must have a matching field of foo_confirmation. For example, if the field under validation is password, a matching password_confirmation field must be present in the input. |
date | The field under validation must be a valid date format which is acceptable by Javascript's Date object. |
digits:value | The field under validation must be numeric and must have an exact length of value. |
digits_between:min,max | The field under validation must be numeric and must have length between given min and max. |
different:attribute | The given field must be different than the field under validation. |
The field under validation must be formatted as an e-mail address. | |
hex | The field under validation should be a hexadecimal format. Useful in combination with other rules, like hex|size:6 for hex color code validation.
|
in:foo,bar,... | The field under validation must be included in the given list of values. The field can be an array or string. |
integer | The field under validation must have an integer value. |
max:value | Validate that an attribute is no greater than a given size |
min:value | Validate that an attribute is at least a given size. |
not_in:foo,bar,... | The field under validation must not be included in the given list of values. |
numeric | Validate that an attribute is numeric. The string representation of a number will pass. |
present | The field under validation must be present in the input data but can be empty. |
required | The field under validation must be present in the input data and not empty. |
required_if:anotherfield,value | The field under validation must be present and not empty if the anotherfield field is equal to any value. |
required_unless:anotherfield,value | The field under validation must be present and not empty unless the anotherfield field is equal to any value. |
required_with:foo,bar,... | The field under validation must be present and not empty only if any of the other specified fields are present. |
required_with_all:foo,bar,... | The field under validation must be present and not empty only if all of the other specified fields are present. |
required_without:foo,bar,... | The field under validation must be present and not empty only when any of the other specified fields are not present. |
required_without_all:foo,bar,... | The field under validation must be present and not empty only when all of the other specified fields are not present. |
same:attribute | The given field must match the field under validation. |
size:value | The field under validation must have a size matching the given value. For string data, value corresponds to the number of characters. For numeric data, value corresponds to a given integer value. |
string | The field under validation must be a string. |
url | Validate that an attribute has a valid URL format. |
regex:pattern | The field under validation must match the given regular expression. |