Introduction

A major chunk of a backend developer’s work is to write APIs. And For security and data integrity, it’s required that we validate the inputs before we save it to our database.

This article aims to provide a way to abstract the mundane task of input validations and error handlings. By the end of the article, you will learn how to validate inputs in a more reusable and elegant manner.

Let’s begin

We generally validate our input by testing them with an if-condition and if it fails the test we send a relevant error message as a response.

Below is an example of simple validation for an API, that adds a story.

In this API method, we make the following tests

user is present. title is present and does not exceed a length of 100. body is present and does not exceed a length of 1000.

And if any test fails, we send a separate message for that scenario.

Although there are a lot of validation libraries present, not many provide a pattern for easy validations and returning error messages.

What we need is such a pattern where we can put all validations in one single place, that also handle error reporting implicitly. Below I’ve rewritten the same API, in a different way.

We’ll get to how the functions work in the next section, but let’s point out the differences here:

All our validations are together and more readable Error handling is done in one single place We are not writing explicit error messages in our code It’s not required to use if-else directly in the API methods

One thing I would like to point out is that we are passing an object as a parameter to validator functions. There’s a specific reason for this. By sending input params in an object we are sending both the name and the value to the validation function. Thus, the variable name could be used in the error message to tell what exact input was wrong. For example, if the title was sent empty, the validating function can create the error message as `title cannot be empty`.

How does this validator work?

This a very short and simple example of implementing this. Our validator currently has three methods:

validate.all

validate.all is a function that returns a resolved promise if all entries passed to it are true. It sends a rejected promise when there’s an error string present in parameters as a result of a failed validation. The rejected promise has the error as the failed validation string.

2. maxLength and notEmpty

maxLength and notEmpty are our validator functions. They are supposed to return true when validation passes and an error message if the validation fails. Adding a new validation is quite easy, we can take a look at how maxLength or notEmpty works

notEmpty validator function

Get all the key names and filter those keys which do not pass the test. If there is any key that fails the test, return the error message otherwise return true. Error messages contain names of the exact key names that failed.

Conclusion

That’s all in this article for API validations. Feel free to use the code however you like. You can add your desired validation methods to it if you want.

I hope you enjoyed reading and you learned something new. If you think I missed something in the article or the pattern could be improved please tell that in the comments below.

Thanks, for reading. Follow me on Medium for more such articles.