-
-
Save stongo/6359042 to your computer and use it in GitHub Desktop.
| var mongoose = require('mongoose'); | |
| mongoose.connect('mongodb://localhost/test'); | |
| var db = mongoose.connection; | |
| db.on('error', function() { | |
| return console.error.bind(console, 'connection error: '); | |
| }); | |
| db.once('open', function() { | |
| var User; | |
| return User = require('./user.js'); | |
| }); | |
| // Validate a user | |
| (function() { | |
| var User = require('./user.js'); | |
| var me = { username: 'foo' }; | |
| var user = new User(me); | |
| var err = user.joiValidate(me); | |
| if (err) throw err; | |
| user.save(function(err, saved) { | |
| ... | |
| }); | |
| })(); |
| var userSchema = mongoose.Schema({ | |
| username: String, | |
| password: String, | |
| email: String, | |
| first_name: String, | |
| last_name: String, | |
| created: { type: Date, default: Date.now }, | |
| }); | |
| userSchema.methods.joiValidate = function(obj) { | |
| var Joi = require('joi'); | |
| var schema = { | |
| username: Joi.types.String().min(6).max(30).required(), | |
| password: Joi.types.String().min(8).max(30).regex(/[a-zA-Z0-9]{3,30}/).required(), | |
| email: Joi.types.String().email().required(), | |
| first_name: Joi.types.String().required(), | |
| last_name: Joi.types.String().required(), | |
| created: Joi.types.Date(), | |
| } | |
| return Joi.validate(obj, schema); | |
| } | |
| module.exports = mongoose.model('User', userSchema); |
Thanks for the write-up @stongo! The example by @devChedar works nicely. However, it gets slightly more complex when you use the same validation for multiple actions with different validation requirements. For example:
- Saving a user requires valid username, email, password
- Logging in as a user requires only email and password
You can make username not required in Joi validation, but since it is actually required for registration, you're then reliant on existence validation getting kicked down the road to the mongoose schema. You can also just not run Joi validation on login requests, but that's also less than ideal.
I suspect the 'best' solution is to create different validation functions for actions with different validation requirements, e.g. validateUserWrite and validateUserLogin. At least, that's how I'm going to handle it. Thanks again for the work on putting together a clean way of doing this.
thanks
Thank you, this was helpful.
Thanks broo
thanks this was very helpful 👍
@devChedar I know this is an old thread but just wanted to let you know this helped me out 2 years after you posted👍👍👍
Thanks @stongo, this thread helped me a lot.
Thank you, this was helpful.
@danwhitston Precisely. There's no way around it.
helpful indeed