Validating Requests
FW24 boasts a robust validation framework, offering two types of validation for API endpoints:
-
InputValidationRule<{...some-type...}>allows for straightforward validations for any input or type.const myInputValidation: InputValidationRule<{a: string, b: string}> = {
a: {
required: true,
minLength: 5
},
b: {
required: true,
dataType: 'email'
}
} -
HttpRequestValidationsoffers validation rules for the entire HTTP request, including the body, header, param, and query.type Body = {
a: string,
b: string,
};
type Param = {
id: string,
};
type Header = {
'xxx-api-key': string,
'xxx-client-id': string,
};
type Query = {
cursor: string,
sort: 'asc' | 'desc',
};
const myHttpRequestValidations: HttpRequestValidations<Header, Body, Param, Query> = {
body: {
a: {
required: true,
maxLength: 100,
},
b: {
required: true,
inList: ['My Auth 1', 'My Auth 2'] // The author must be one of the two names
}
},
path: {
id: {
required: true,
dataType: 'uuid',
}
},
query: {
cursor: {
required: true,
},
sort: {
inList: ['asc', 'desc']
}
},
header: {
'xxx-api-key': {
eq: 'xxx-yyy-zzz'
},
'client-id': {
required: true
}
}
}
Implementing Validations for Routes
FW24 supports the addition of validation in method decorators and also offers a dedicated @Validations() decorator for those who prefer this approach..
Implementing Validation in the Method Decorator
For methods of type [POST, PATCH, PUT], the validations apply to the request body. For other types, they apply to the query parameters.
type RequestInputSchema = {
bookName: string,
authorName: string,
};
@Controller('demo')
export class MyController extends APIController {
@Get('/my-endpoint', {
validations: {
bookName: {
required: true,
maxLength: 100,
},
authorName: {
required: true,
inList: ['My Auth 1', 'My Auth 2'] // The author must be one of the two names
}
}
})
private myEndpointHandler(req: Request, res: Response): Promise<Response>{
const {bookName, authorName} = req.queryString as RequestInputSchema;
return res.json({bookName, authorName});
}
@Post('/my-endpoint', {
validations: {
bookName: {
required: true,
maxLength: 100,
},
authorName: {
required: true,
inList: ['My Auth 1', 'My Auth 2'] // The author must be one of the two names
}
}
})
private myEndpointHandler(req: Request, res: Response): Promise<Response>{
const {bookName, authorName} = req.body as RequestInputSchema;
return res.json({bookName, authorName});
}
}
Implementing Validation in the Validations() Decorator
The @Validations() decorator supersedes the validations defined in the Method decorator. If the validations are of type InputValidation and the request method is one of [POST, PATCH, PUT], the validations apply to the request-body. Otherwise, they apply to the request-query-params.
{
type RequestInputSchema = {
bookName: string,
authorName: string,
};
// Validate the input. For POST, PATCH, and PUT, it's the body; otherwise, it's the query parameters.
@Validations({
bookName: {
required: true,
maxLength: 100,
},
authorName: {
required: true,
inList: ['My Auth 1', 'My Auth 2'] // Author can have only one of the 2 names
}
})
@Post('/another-endpoint')
private anotherHandler(req: Request, res: Response): Promise<Response>{
const { bookName, authorName } = req.body as RequestInputSchema;
return res.json({ bookName, authorName });
}
@Validations(myHttpRequestValidations)
@Post('/awesome-endpoint/{id}')
private awesomeHandler(req: Request, res: Response): Promise<Response>{
const { a, b } = req.body as RequestInputSchema;
const { id } = req.path as any;
const { cursor, sort } = req.query as any;
return res.json({a, b, id, cursor, sort});
}
}