Previous

Validation

  • Validation ensures API requests contain correct and safe data using tools like Joi and Express-validator.

  • Request Validation

    Request validation checks that the data sent by the client (in body, query, or params) meets required rules like type, length, or format

    Why Validation is Important:

    • Prevents invalid or malicious data

    • Protects database from incorrect entries

    • Improves user experience with meaningful errors

    • Reduces backend crashes

    Example – Manual Validation

Request Validation in Express.js

Checks client data for required fields and correct formats. Returns errors for invalid input to protect the database and improve reliability. 

app.post("/register", (req, res) => {
  const { name, email, age } = req.body;

  if (!name || !email) {
    return res.status(400).send("Name and email are required");
  }
  if (age && age < 18) {
    return res.status(400).send("Age must be at least 18");
  }

  res.send("Validation passed, user can be saved");
});

  • Explanation:

    • Simple if-checks to validate required fields

    • Not scalable for complex rules — better use validation libraries

    Using Joi / Express-Validator

    Libraries like Joi and Express-validator make validation structured and reusable.

npm install joi

Request Validation Using Joi

Uses Joi to define reusable validation schemas and automatically check client data, returning structured error messages for invalid input. 

const Joi = require("joi");

const userSchema = Joi.object({
  name: Joi.string().min(3).required(),
  email: Joi.string().email().required(),
  age: Joi.number().integer().min(18)
});

app.post("/register", (req, res) => {
  const { error } = userSchema.validate(req.body);

  if (error) {
    return res.status(400).json({ error: error.details[0].message });
  }

  res.send("User data is valid");
});

  • Explanation:

    • Schema defines rules clearly

    • .validate() checks the incoming data

    • Error messages are descriptive


    Express-Validator Example

npm install express-validator

Request Validation Using Express-Validator

Uses express-validator to validate incoming request data with middleware, returning structured errors if fields are missing or invalid. 

const { body, validationResult } = require("express-validator");

app.post("/register",
  body("name").isLength({ min: 3 }),
  body("email").isEmail(),
  body("age").optional().isInt({ min: 18 }),
  (req, res) => {
    const errors = validationResult(req);
    if (!errors.isEmpty()) {
      return res.status(400).json({ errors: errors.array() });
    }
    res.send("User data is valid");
  }
);

  • Explanation:

    • Middleware validates request fields before route logic

    • validationResult captures errors in a structured array

    • Works well for multiple endpoints

Previous