我想使用Express-Validator验证请求对象。假设我有两条路由, GET / users /:id (fetchUserById)和 POST / users (createUser)路由
this.router = express.Router();
this.router.route('/').post(this.userRequestValidator.createUser, this.userController.createUser);
this.router.route('/:id').get(this.userRequestValidator.fetchUserById, this.userController.fetchUserById);
您可以看到,我在调用控制器逻辑之前立即调用了验证中间件。首先,我创建了一个基本的验证器来处理验证错误,并在失败的情况下返回HTTP 400。
export abstract class RequestValidator {
protected validate = async (request: Request, response: Response, next: NextFunction): Promise<void> => {
const errors: Result<ValidationError> = validationResult(request);
if (!errors.isEmpty()) {
return res.status(422).json({ errors: errors.array() });
} else {
next();
}
};
}
我的验证器功能 userRequestValidator.createUser 和 userRequestValidator.fetchUserById 只需扩展RequestValidator并实现验证
export class UserRequestValidator extends RequestValidator {
public createUser = [
body('username')
.isString()
.exists(),
body('password')
.isString()
.exists(),
this.validate,
];
public fetchUserById = [
param('id')
.isString()
.isUUID()
.exists(),
this.validate,
];
}
当我致电GET localhost:3000/users/abc时,会收到此回复
{
"errors": [
{
"value": "abc",
"msg": "Invalid value",
"param": "id",
"location": "params"
}
]
}
这是我期望的答复。但是,当我用空着的身躯打电话给POST localhost:3000/users时,会收到此响应
{
"errors": [
{
"msg": "Invalid value",
"param": "username",
"location": "body"
},
{
"msg": "Invalid value",
"param": "username",
"location": "body"
},
{
"msg": "Invalid value",
"param": "password",
"location": "body"
},
{
"msg": "Invalid value",
"param": "password",
"location": "body"
}
]
}
有人知道我该如何解决此问题,或者我的设置有什么问题吗?
答案 0 :(得分:2)
我不知道为什么当req.body是一个空对象-{}时,验证器将遍历验证链的所有节点。您可以再次检查,为每个条件添加每条消息,如下所示:
class UserRequestValidator extends RequestValidator {
public createUser = [
body('username')
.isString().withMessage('username must be a string') // you can see both error messages in the response
.exists().withMessage('username must be exist'),
body('password') // the same for this field
.isString()
.exists(),
this.validate,
];
public fetchUserById = [
param('id') // because id is exist in `req.params`, then only one test has been executed.
.isString().withMessage('id must be a string')
.isUUID()
.exists(),
this.validate,
];
}
我在https://github.com/express-validator/express-validator/issues/638中找到了适合您的情况的解决方案,使用.bail()函数在第一个错误中停止了链。
然后您的验证器类如下:
class UserRequestValidator extends RequestValidator {
public createUser = [
body('username')
// always check exists() first
.exists().withMessage('username must be exist').bail()
.isString().withMessage('username must be a string').bail(),
body('password')
.exists().bail()
.isString().bail(),
this.validate,
];
public fetchUserById = [
param('id')
.isString()
.isUUID()
.exists(),
this.validate,
];
}
答案 1 :(得分:1)
您还可以在检索错误数组时将 onlyFirstError 设置为 true。
来自documentation:
如果选项 onlyFirstError 设置为 true,则只有第一个错误 将包含每个字段
示例用法:
function validateRequestParams (req, res, next) {
const errors = validationResult(req)
if (errors.isEmpty()) {
return next()
} else {
return res.status(400).json({
bodyValidationErrors: errors.array({ onlyFirstError: true })
})
}
}