Серверная валидация сложных форм и ее синхронизация с фронтендом на примере Ajv - Александр Сафт (Zeeng)9. Серверная валидация - встроенная
app.post('/register', function(req, res) {
req.Validator
.validate('username', i18n.t('user.displayName'), {length: {min: 3, max: 256})
.filter('username', {trim: true})
.validate('password', {length: {min: 4, max: 64}})
.filter('password', {stripTags: false, escapeHTML: false});
req.Validator.getErrors(function(errors){ ... });
});
10. Серверная валидация - отдельная
Своя схема - Joi
Json Schema
const schema = Joi.object().keys({
username: Joi.string().alphanum().min(3).max(30).required(),
password: Joi.string().regex(/^[a-zA-Z0-9]{3,30}$/),
access_token: [Joi.string(), Joi.number()],
email: Joi.string().email()
}).with('username').without('password', 'access_token');
const schema = {
type: 'object',
properties: {
username: {type: 'string', format: 'alphanum', minLength:3, maxLength:30},
password: {type: 'string', regex: /^[a-zA-Z0-9]{3,30}$/},
access_token: {oneOf: [{type: 'string'}, {type: 'number'}]},
email: {type: 'string', format: 'email'}
},
required: ['username']
}
11. Серверная валидация - хелперы
До После
const userSchema = toAjvObject({
name: ct.notEmptyString,
email: ct.email,
dateOfBirth: ct.date,
about: ct.stringOrNull
})
const userSchema = {
type: 'object',
properties: {
name: {type: 'string', minLength: 1},
email: {type: 'string', format: 'email'},
dateOfBirth: {type: 'string', format: 'date'},
about: {oneOf: [{type: 'string'}, {type: 'null'}]}
},
required: ['name', 'email', 'dateOfBirth', 'about']
}
13. Серверная валидация – API
// create user
const userSchema = {
name: ct.notEmptyString,
email: ct.email
}
schemas.saveValidator(commands.CREATE_USER, toAjvObject(userSchema))
// update user
const userWithIdSchema = addIntId(userSchema)
schemas.saveValidator(commands.UPDATE_USER, toAjvObject(userWithIdSchema))
// create booking
const createBookingSchema = {
startTs: ct.datetime,
users: toAjvArray(toAjvObject(userSchema))
}
schemas.saveValidator(commands.CREATE_BOOKING, toAjvObject(createBookingSchema))
14. Серверная валидация – API
function saveValidator(cmdCode, schema) {
validators.raw[cmdCode] = schema
validators.compiled[cmdCode] = ajv.compile(schema)
}
// create booking
const createBookingSchema = {
startTs: ct.datetime,
users: toAjvArray(toAjvObject(userSchema))
}
schemas.saveValidator(commands.CREATE_BOOKING, toAjvObject(createBookingSchema))
15. Серверная валидация – API
{
"type": "object",
"properties": {
"startTs": {"type": "string", "format": "date-time"},
"users": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string", "minLength": 1},
"email": {"type": "string", "format": "email"},
"dateOfBirth": {"type": "string", "format": "date"},
"about": {"oneOf": [{"type": "string"},{"type": "null"}]}
},
"required": ["name", "email", "dateOfBirth","about"]
}
}
},
"required": ["startTs", "users"]
}