Coding

NodeJS / Express / MongoDB – Build a Shopping Cart – #8 Validation

  • 00:00:00 welcome back as explained in the last
  • 00:00:03 lecture one problem we currently have an
  • 00:00:05 assign a process here is that I can
  • 00:00:07 enter invalid email addresses like this
  • 00:00:10 one and that certainly isn't the
  • 00:00:12 behavior I want so I need to change this
  • 00:00:15 and one thing to were one way to change
  • 00:00:18 this is to add validation now you could
  • 00:00:22 of course write your own logic but
  • 00:00:23 that's pretty complex and unnecessary
  • 00:00:26 like as for many things in your express
  • 00:00:29 applications there are third-party
  • 00:00:31 packages you dump into your project to
  • 00:00:33 add functionality you need in the case
  • 00:00:35 of validation
  • 00:00:36 I recommend Express validator and this
  • 00:00:40 is deal github repository off the
  • 00:00:42 Creator or off this package and there
  • 00:00:45 too you find a link on how to install
  • 00:00:47 this as well as some usage examples and
  • 00:00:49 well in the documentation for this
  • 00:00:52 package so over in a project I will
  • 00:00:55 install it with the save flag though to
  • 00:00:58 also place a entry new package to chase
  • 00:01:01 and file and then my first step is to
  • 00:01:04 set it up here in my app J's file so I
  • 00:01:07 will name is a validator and require it
  • 00:01:10 Express validator and you need to start
  • 00:01:14 this validator after your body parts are
  • 00:01:19 here is done this order is important so
  • 00:01:23 validator should be executed here
  • 00:01:25 because the validator will on its own
  • 00:01:27 parse the body and retrieve the
  • 00:01:29 parameters you want to validate from the
  • 00:01:32 submitted request body therefore this
  • 00:01:34 has to be done after the body is parsed
  • 00:01:37 of course otherwise you can't validate
  • 00:01:38 it so with that being set up the next
  • 00:01:42 step is to add the validation in the
  • 00:01:45 route however here we're using passport
  • 00:01:49 to handle all the requests and create a
  • 00:01:52 user so the right place to continue is
  • 00:01:54 passport a s now in this file here I
  • 00:01:58 want to validate inside this callback
  • 00:02:02 I'm getting the request pass to the
  • 00:02:04 callback since I set this to true and
  • 00:02:07 therefore I can access all the
  • 00:02:09 parameters off the callback so before
  • 00:02:12 checking if the email address already
  • 00:02:14 the database and doing all that I will
  • 00:02:16 simply validate the past parameters so I
  • 00:02:19 will do this by running request check
  • 00:02:23 body a function added by this validator
  • 00:02:26 and I want to check the email field and
  • 00:02:29 I want to send back T message invalid
  • 00:02:34 email if validation fails so this is
  • 00:02:36 specified as a second parameter here and
  • 00:02:39 then I chain the validators I want to
  • 00:02:41 use in my case is email is one of the
  • 00:02:45 validators as well as before even
  • 00:02:48 checking the email if it is not empty
  • 00:02:51 because I wanted to be passed and then i
  • 00:02:54 duplicate us to also validate the
  • 00:02:57 password and check if or say invalid
  • 00:03:00 password if this fails and I check if it
  • 00:03:03 is not empty and I also replace its
  • 00:03:06 email here with is length and then I
  • 00:03:09 pass an object where I specified a
  • 00:03:11 minimum length to be four characters and
  • 00:03:14 with that I have validation in place but
  • 00:03:17 I'm currently not handling any errors so
  • 00:03:19 this would check it and it would
  • 00:03:21 recognize that maybe the email is wrong
  • 00:03:23 but it wouldn't do anything in order to
  • 00:03:26 do anything I will add a new variable
  • 00:03:28 called errors where I will check if any
  • 00:03:32 validation errors appeared I can do it
  • 00:03:34 like this validation errors is a
  • 00:03:36 function added by this package and using
  • 00:03:39 the arrows thrown by my validators I
  • 00:03:41 registered here on my request
  • 00:03:43 so with these errors extracted I can
  • 00:03:47 check if I have any with the function
  • 00:03:49 here and if I do have errors I want to
  • 00:03:52 create an array of messages which I want
  • 00:03:54 to pass back to the view so I will then
  • 00:03:57 loop through my arrows with this for
  • 00:04:00 each function here and for each error I
  • 00:04:04 find I will simply push it on my
  • 00:04:08 messages array here however I will not
  • 00:04:11 push the complete error but only the
  • 00:04:14 message now dot message here is of
  • 00:04:16 course a field this validator package
  • 00:04:18 adds for each error so each error there
  • 00:04:21 basically has a parent field describing
  • 00:04:23 which parameter through the error
  • 00:04:25 and the message field as well as a
  • 00:04:28 number field but this message feature is
  • 00:04:30 the important food for us and with that
  • 00:04:32 I can in this case then return done now
  • 00:04:36 because while we didn't get an error in
  • 00:04:39 the case of a technical error or
  • 00:04:41 anything like that
  • 00:04:42 but it was also not successful so false
  • 00:04:44 and I want to flash an error message
  • 00:04:47 now I'm not returning message here like
  • 00:04:50 before as this argument but instead I
  • 00:04:55 will add the arrows myself by calling
  • 00:04:59 request flash and then assigning it to
  • 00:05:03 the error field there which I'm already
  • 00:05:06 extracting the view and then assigning
  • 00:05:10 my messages with that I'm sending my
  • 00:05:14 bundled messages to review with this
  • 00:05:16 flash milah we're here and interview I'm
  • 00:05:19 looping through all the message I'm
  • 00:05:21 displaying them here so this should work
  • 00:05:23 I'll restart my server revisit this page
  • 00:05:31 and I'll try to enter an invalid email
  • 00:05:33 address missing credentials so I enter
  • 00:05:37 both now I get invalid email I enter
  • 00:05:40 both and a password which is too short I
  • 00:05:42 get invalid email or invalid password
  • 00:05:45 and now only the password and now a
  • 00:05:48 valid email address which has already
  • 00:05:50 been taken emails already news so the
  • 00:05:54 complete validation here is working in
  • 00:05:56 the way I want and I make sure that only
  • 00:05:59 well valid values can be passed to the
  • 00:06:02 database with that the signup process
  • 00:06:05 looks pretty pretty good and it's time
  • 00:06:09 to continue with the next part which is
  • 00:06:11 about signing in the user and then also
  • 00:06:14 protecting the routes see you there bye