RESTful Node.js: A Structured Approach
Part 2: The Theory, Chapter 5: The 8 Step Recipe

Validation

Validation is the act of determining whether the input data is in the proper form. There are two types of validation: form validation and service validation.

Form Validation

Form validation is the kind of check you would apply to the data if it arrived as a form from the frontend: rules about the shape of each field, considered in isolation. These rules belong on the server even when the frontend also enforces them, because anyone can bypass the browser and send requests to the API directly.

Below are some common examples of what would be considered form validation of a user registration endpoint you might build.

  • Email

    • Required.

    • Correct email format.

  • Password

    • At least 6 characters in length.

    • Must contain at least 1 number.

    • Must contain at least 1 alphabetical character.

  • Invite_Code

    • A 10-digit number.

Notice how generic and simple these rules are: none of them depends on a specific business rule. (The six-character minimum is only an illustration; current guidance such as NIST SP 800-63B asks for at least eight characters, and you should also cap the maximum length so that a multi-megabyte "password" cannot be used to tie up the password-hashing step.)
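The rules above as a plain Node.js function, added here as an example and not taken from the book or its Bookstore API. The function name, the field names and the 128-character cap are assumptions; the sample bodies are constructed. One point the bullet list does not show is that a JSON body can carry an array or a number where a string is expected, and a regex test on such a value silently coerces it, so every field is forced to a string first.

```javascript
// Added example, not code from the book: form validation for the registration
// endpoint described above, written as a plain function with no framework.
// Names (validateRegistrationForm, field names) are hypothetical.

// Deliberately simple, linear-time patterns. A validator regex must not be
// vulnerable to catastrophic backtracking, because the input is attacker-chosen.
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
const INVITE_CODE_RE = /^\d{10}$/; // exactly ten ASCII digits

// Anything that is not a string becomes '' so that arrays, numbers or objects
// in a JSON body (e.g. "password": ["x"]) cannot pass a regex via toString().
const asString = (v) => (typeof v === 'string' ? v : '');

// Returns { valid, errors } where errors maps field name -> [messages].
// Every rule is evaluated so the client sees all problems in one response.
function validateRegistrationForm(body) {
  const b = body && typeof body === 'object' ? body : {};
  const errors = {};
  const fail = (field, msg) => { (errors[field] = errors[field] || []).push(msg); };

  const email = asString(b.email);
  if (email.length === 0) fail('email', 'required');
  else if (!EMAIL_RE.test(email)) fail('email', 'invalid format');

  const password = asString(b.password);
  if (password.length < 6) fail('password', 'at least 6 characters');
  if (password.length > 128) fail('password', 'at most 128 characters'); // assumed cap, not in the book
  if (!/\d/.test(password)) fail('password', 'at least one number');
  if (!/[A-Za-z]/.test(password)) fail('password', 'at least one letter');

  const code = asString(b.invite_code);
  if (!INVITE_CODE_RE.test(code)) fail('invite_code', 'must be a 10 digit number');

  return { valid: Object.keys(errors).length === 0, errors };
}

// Constructed sample bodies (not real requests).
const sampleGood = { email: 'ada@example.com', password: 'hunter22', invite_code: '0123456789' };
// invite_code is a number here, the kind of type confusion a JSON body can carry.
const sampleBad = { email: 'not-an-email', password: '123456', invite_code: 1234567890 };

console.log(validateRegistrationForm(sampleGood)); // { valid: true, errors: {} }
console.log(validateRegistrationForm(sampleBad));  // three fields with errors
```

The function never throws on malformed input and never short-circuits on the first failure; the controller decides how to turn the `errors` map into a 400 response.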

Service Validation

Service validation is any type of validation that involves the business logic of your application.

Suppose we use the same user registration endpoint example from above, except this time we have specific business logic that needs validation.

  • Email

    • Must not be taken already.

  • Invite_Code

    • Must match a code that was actually issued: only the user to whom that code was emailed can present a truly valid one.

Notice that these constraints come from the specification of the application and are not generic at all.
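The two service rules above, added here as an example that is not part of the book; it assumes form validation has already passed and that the domain layer receives its data store by injection. The repository here is an in-memory stand-in with constructed data, and every name is hypothetical.

```javascript
// Added example, not code from the book: service validation for the same
// registration endpoint. These checks need application state, so the data
// access object is injected; here it is an in-memory stand-in.

// Constructed sample state: one existing account and two issued invite codes,
// each recorded against the address it was emailed to.
const inMemoryRepo = {
  users: new Set(['taken@example.com']),
  invites: new Map([
    ['1111111111', 'ada@example.com'],
    ['2222222222', 'grace@example.com'],
  ]),
  async emailExists(email) { return this.users.has(email); },
  async inviteRecipient(code) { return this.invites.get(code) || null; },
};

// Assumes the shape of the input was already checked by form validation.
// Returns the same { valid, errors } structure so the controller can treat
// both kinds of failure alike.
async function validateRegistrationService({ email, invite_code }, repo) {
  const errors = {};
  const fail = (field, msg) => { (errors[field] = errors[field] || []).push(msg); };

  if (await repo.emailExists(email)) fail('email', 'already registered');

  // A code is valid only for the address it was sent to. A well-formed code
  // issued to someone else is rejected with the same message as an unknown
  // code, so the response does not reveal which codes exist.
  const recipient = await repo.inviteRecipient(invite_code);
  if (recipient === null || recipient !== email) fail('invite_code', 'invalid invite code');

  return { valid: Object.keys(errors).length === 0, errors };
}

// Constructed requests: the first is legitimate, the second reuses a code that
// was issued to a different address.
validateRegistrationService({ email: 'ada@example.com', invite_code: '1111111111' }, inMemoryRepo)
  .then((r) => console.log(r)); // { valid: true, errors: {} }
validateRegistrationService({ email: 'taken@example.com', invite_code: '1111111111' }, inMemoryRepo)
  .then((r) => console.log(r)); // errors on both email and invite_code
```

Two caveats a practitioner should keep in mind. `emailExists` followed later by an insert is a check-then-act race, so the users table still needs a unique index on the email column and the insert's constraint violation must be mapped to the same validation error. And "already registered" tells an unauthenticated caller whether an address has an account; if that matters for your application, return a neutral message and notify the existing owner by email instead.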

Sanitization

In addition to validation, there is also the sanitization of data. Sanitization is the act of removing, replacing or normalizing characters in the data that are illegal or unwanted. It goes hand in hand with validation: sanitizing before validation gives the validators a canonical value to check, and sanitizing after it gives the rest of the application a value it can pass around with more confidence. Be precise about which kind of sanitization you mean. Normalization (trimming, case folding) changes the value you store, whereas encoding for a particular output context (HTML entities, escaping for a query or a shell) should happen at the point of output, because the correct encoding depends on where the value is going; data stored pre-encoded ends up double-encoded in one context and wrongly encoded in another.

Here are some common examples:

  1. Trimming leading and trailing whitespace.

  2. Converting characters to HTML entities (an output encoding for HTML contexts; apply it when rendering, not when storing).

  3. Escaping strings for the context they are about to enter (for SQL, a parameterized query is the better answer than escaping).

  4. Removing special characters (use with care on free text, since it silently alters what the user entered; rejecting the value in validation or encoding it at output is usually safer).

  5. Converting strings to lower case (for example an email address used as an identifier; never a password).
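The distinction drawn above between normalizing stored input and encoding at output, as an added example that is not code from the book. The function names are hypothetical and the sample body is constructed; `escapeHtml` is a minimal escaper for HTML text and attribute-value contexts, written here rather than taken from a library.

```javascript
// Added example, not code from the book: normalization of the registration
// input (changes what is stored) kept separate from HTML output encoding
// (applied only at render time). All names are hypothetical.

// Trim whitespace and put the string in Unicode NFC so that visually identical
// inputs compare equal; non-strings are passed through for validation to reject.
const normalizeText = (v) => (typeof v === 'string' ? v.trim().normalize('NFC') : v);

function normalizeRegistrationInput(body) {
  const b = body && typeof body === 'object' ? body : {};
  return {
    ...b,
    // The whole address is case-folded so uniqueness checks are case-insensitive.
    email: typeof b.email === 'string' ? normalizeText(b.email).toLowerCase() : b.email,
    invite_code: normalizeText(b.invite_code),
    // Passwords are deliberately left untouched: trimming or case-folding them
    // silently changes what the user has to type next time.
    password: b.password,
  };
}

// Strip ASCII control characters from a free-text field such as a display name.
// This is the "getting rid of special characters" case, limited to characters
// that have no legitimate use in a name.
const stripControlChars = (s) => String(s).replace(/[\u0000-\u001F\u007F]/g, '');

// Encode for an HTML text or double-quoted attribute context. Call this where
// the value is rendered, never before storing it.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderWelcome(displayName) {
  return `<p>Welcome, ${escapeHtml(displayName)}</p>`;
}

// Constructed input, the way a browser might send it.
const rawBody = { email: '  Ada@Example.COM ', password: ' p4ss word ', invite_code: ' 0123456789' };
const stored = normalizeRegistrationInput(rawBody);
console.log(stored.email, JSON.stringify(stored.password)); // ada@example.com " p4ss word "

// A display name containing markup is stored as-is and encoded on output.
const displayName = stripControlChars('<b>Ada</b> & "friends"\u0007');
console.log(renderWelcome(displayName));
// Encoding twice (store encoded, then encode again on output) corrupts the text:
console.log(escapeHtml(escapeHtml('&'))); // &amp;amp;
```

The same value will need a different encoding if it is later placed in a URL, a JSON document or a log line, which is why the encoded form is computed at each output point rather than stored once.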
