express-validator
Advanced tools
Comparing version 0.3.2 to 0.4.0
@@ -6,6 +6,4 @@ /* | ||
* | ||
* 1. Be sure to include `req.mixinParams()` as middleware to merge | ||
* query string, body and named parameters into `req.params` | ||
* | ||
* 2. To validate parameters, use `req.check(param_name, [err_message])` | ||
* 1. To validate parameters, use `req.check(param_name, [err_message])` | ||
* e.g. req.check('param1').len(1, 6).isInt(); | ||
@@ -18,7 +16,7 @@ * e.g. req.checkHeader('referer').contains('mydomain.com'); | ||
* | ||
* 3. To sanitize parameters, use `req.sanitize(param_name)` | ||
* 2. To sanitize parameters, use `req.sanitize(param_name)` | ||
* e.g. req.sanitize('large_text').xss(); | ||
* e.g. req.sanitize('param2').toInt(); | ||
* | ||
* 4. Done! Access your validated and sanitized paramaters through the | ||
* 3. Done! Access your validated and sanitized paramaters through the | ||
* `req.params` object | ||
@@ -32,23 +30,5 @@ */ | ||
var expressValidator = function(req, res, next) { | ||
function checkParam(req, getter) { | ||
return function(param, fail_msg) { | ||
req.updateParam = function(name, value) { | ||
// route params like /user/:id | ||
if (this.params && this.params.hasOwnProperty(name) && | ||
undefined !== this.params[name]) { | ||
return this.params[name] = value; | ||
} | ||
// query string params | ||
if (undefined !== this.query[name]) { | ||
return this.query[name] = value; | ||
} | ||
// request body params via connect.bodyParser | ||
if (this.body && undefined !== this.body[name]) { | ||
return this.body[name] = value; | ||
} | ||
return false; | ||
}; | ||
req.check = function(param, fail_msg) { | ||
var value; | ||
@@ -73,3 +53,3 @@ | ||
if (value === undefined) { | ||
value = req.param(item); | ||
value = getter(item) | ||
} else { | ||
@@ -98,4 +78,32 @@ value = value[item]; | ||
return validator.check(value, fail_msg); | ||
} | ||
} | ||
var expressValidator = function(req, res, next) { | ||
req.updateParam = function(name, value) { | ||
// route params like /user/:id | ||
if (this.params && this.params.hasOwnProperty(name) && | ||
undefined !== this.params[name]) { | ||
return this.params[name] = value; | ||
} | ||
// query string params | ||
if (undefined !== this.query[name]) { | ||
return this.query[name] = value; | ||
} | ||
// request body params via connect.bodyParser | ||
if (this.body && undefined !== this.body[name]) { | ||
return this.body[name] = value; | ||
} | ||
return false; | ||
}; | ||
req.check = checkParam(req, function(item) { | ||
return req.param(item); | ||
}); | ||
req.checkBody = checkParam(req, function(item) { | ||
return req.body[item]; | ||
}); | ||
req.checkHeader = function(header, fail_msg) { | ||
@@ -102,0 +110,0 @@ var to_check; |
@@ -7,5 +7,6 @@ { | ||
"Chris O'Hara <cohara87@gmail.com>", | ||
"@orfaust" | ||
"@orfaust", | ||
"@zero21xxx" | ||
], | ||
"version": "0.3.2", | ||
"version": "0.4.0", | ||
"homepage": "https://github.com/ctavan/express-validator", | ||
@@ -24,3 +25,3 @@ "repository": { | ||
"dependencies": { | ||
"validator": "0.4.25" | ||
"validator": "1.1.3" | ||
}, | ||
@@ -27,0 +28,0 @@ "devDependencies": { |
@@ -30,3 +30,4 @@ # express-validator | ||
req.assert('postparam', 'Invalid postparam').notEmpty().isInt(); | ||
// checkBody only checks req.body; none of the other req parameters | ||
req.checkBody('postparam', 'Invalid postparam').notEmpty().isInt(); | ||
req.assert('getparam', 'Invalid getparam').isInt(); | ||
@@ -66,14 +67,6 @@ req.assert('urlparam', 'Invalid urlparam').isAlpha(); | ||
{ param: 'urlparam', msg: 'Invalid urlparam', value: 't1est' } ] | ||
``` | ||
You can extend the `Validator` and `Filter` objects to add custom validation | ||
and sanitization methods: | ||
```javascript | ||
var expressValidator = require('express-validator'); | ||
expressValidator.Filter.prototype.toLowerCase = function(){ | ||
this.modify(this.str.toLowerCase()); | ||
return this.str; | ||
}; | ||
$ curl http://localhost:8888/test?getparam=1&postparam=1 | ||
There have been validation errors: [ | ||
{ param: 'postparam', msg: 'Invalid postparam', value: undefined} ] | ||
``` | ||
@@ -169,3 +162,30 @@ | ||
### Extending | ||
You can extend the `Validator` and `Filter` objects to add custom validation | ||
and sanitization method. | ||
Custom validation which always fails. Useful for debugging or for | ||
adding messages manually when doing complex validation: | ||
```javascript | ||
var expressValidator = require('express-validator'); | ||
expressValidator.Validator.prototype.fail = function() { | ||
//You could validate against this.str, instead of just erroring out. | ||
this.error(this.msg); | ||
return this; | ||
}; | ||
``` | ||
Custom sanitization which lower-cases the string: | ||
```javascript | ||
expressValidator.Filter.prototype.toLowerCase = function(){ | ||
this.modify(this.str.toLowerCase()); | ||
return this.str; | ||
}; | ||
``` | ||
## Changelog | ||
@@ -212,2 +232,3 @@ | ||
- @orfaust - Add `validationErrors()` and nested field support | ||
- @zero21xxx - Added `checkBody` function | ||
@@ -214,0 +235,0 @@ ## License |
@@ -14,3 +14,3 @@ var assert = require('assert'); | ||
var validation = function(req, res) { | ||
req.assert(0, errorMessage).len(3,3).isInt(); | ||
req.assert(0, errorMessage).len(3, 3).isInt(); | ||
@@ -28,3 +28,3 @@ var errors = req.validationErrors(); | ||
function fail(body) { | ||
assert.equal(body.length, 1); | ||
assert.equal(body.length, 2); | ||
assert.deepEqual(body[0].msg, errorMessage); | ||
@@ -31,0 +31,0 @@ } |
20726
15
449
235
5
+ Addedvalidator@1.1.3(transitive)
- Removedvalidator@0.4.25(transitive)
Updatedvalidator@1.1.3