.. | ||
example | ||
lib | ||
test | ||
.gitignore | ||
.travis.yml | ||
analysis_options.yaml | ||
CHANGELOG.md | ||
LICENSE | ||
pubspec.yaml | ||
README.md |
validate
Strongly-typed form handlers and validators for Angel.
Version 3.x
is a major improvement over 2.x
, though it does include breaking changes.
package:angel_validate
allows you to easily sanitize incoming data, and to deserialize
that data into Dart classes (usually using package:angel_serialize
).
Field
The basic unit is the Field
class, which is a type-safe way to read
values from a RequestContext
. Here is a simple example of using a
TextField
instance to read a value from the URL query parameters:
app.get('/hello', (req, res) async {
var nameField = TextField('name');
var name = await nameField.getValue(req, query: true); // String
return 'Hello, $name!';
});
A Field
can also use Matcher
objects from package:matcher
(which you may recognize from
its usage in package:test
):
var positiveNumberField = IntField('pos_num').match([isPositive]);
There are several included field types:
TextField
BoolField
NumField
DoubleField
IntField
DateTimeField
FileField
ImageField
Forms
The Form
class lets you combine Field
instances, and decode
request bodies into Map<String, dynamic>
. Unrecognized fields are
stripped out of the body, so a Form
is effectively a whitelist.
var todoForm = Form(fields: [
TextField('text'),
BoolField('is_complete'),
]);
// Validate a request body, and deserialize it immediately.
var todo = await todoForm.deserialize(req, TodoSerializer.fromMap);
// Same as above, but with a Codec<Todo, Map> (i.e. via `angel_serialize`).
var todo = await todoForm.decode(req, todoSerializer);
// Lower-level functionality, typically not called directly.
// Use it if you want to handle validation errors directly, without
// throwing exceptions.
@serializable
class _Todo {
String text;
bool isComplete;
}
Form Rendering
TODO: Docs about this
Bundled Matchers
This library includes some Matcher
s for common validations,
including:
isAlphaDash
: Asserts that aString
is alphanumeric, but also lets it contain dashes or underscores.isAlphaNum
: Asserts that aString
is alphanumeric.isBool
: Asserts that a value either equalstrue
orfalse
.isEmail
: Asserts that aString
complies to the RFC 5322 e-mail standard.isInt
: Asserts that a value is anint
.isNum
: Asserts that a value is anum
.isString
: Asserts that a value is aString
.isNonEmptyString
: Asserts that a value is a non-emptyString
.isUrl
: Asserts that aString
is an HTTPS or HTTP URL.
The remaining functionality is
effectively implemented by the matcher
package.