tessl/npm-express-validator
Express middleware for comprehensive request validation and sanitization.
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
validation-chains.mddocs/
Validation Chain Builders
Core functions for creating validation chains that target specific request locations. Each builder creates a validation chain that can be extended with validators and sanitizers.
Capabilities
Body Validation
Creates validation chains for fields in req.body.
/**
* Creates validation chain for req.body fields
* @param fields - Field name(s) to validate (supports nested paths and wildcards)
* @param message - Default error message for failed validations
* @returns ValidationChain for chaining validators and sanitizers
*/
function body(fields?: string | string[], message?: string): ValidationChain;Usage Examples:
import { body } from "express-validator";
// Single field
body('email').isEmail();
// Multiple fields
body(['name', 'email']).trim().notEmpty();
// Nested fields
body('user.profile.age').isInt({ min: 0 });
// Array elements
body('items.*.quantity').isInt({ min: 1 });
// With custom error message
body('password', 'Password must be at least 6 characters').isLength({ min: 6 });Query Parameter Validation
Creates validation chains for fields in req.query.
/**
* Creates validation chain for req.query fields
* @param fields - Field name(s) to validate
* @param message - Default error message for failed validations
* @returns ValidationChain for chaining validators and sanitizers
*/
function query(fields?: string | string[], message?: string): ValidationChain;Usage Examples:
import { query } from "express-validator";
// Query parameters
query('page').isInt({ min: 1 }).toInt();
query('limit').isInt({ min: 1, max: 100 }).toInt();
query('search').trim().escape();
query('sort').isIn(['name', 'date', 'price']);URL Parameter Validation
Creates validation chains for fields in req.params.
/**
* Creates validation chain for req.params fields
* @param fields - Field name(s) to validate
* @param message - Default error message for failed validations
* @returns ValidationChain for chaining validators and sanitizers
*/
function param(fields?: string | string[], message?: string): ValidationChain;Usage Examples:
import { param } from "express-validator";
// Route parameters
param('id').isUUID();
param('userId').isInt().toInt();
param('slug').isSlug();
param('category').isAlpha();Header Validation
Creates validation chains for fields in req.headers.
/**
* Creates validation chain for req.headers fields
* @param fields - Field name(s) to validate
* @param message - Default error message for failed validations
* @returns ValidationChain for chaining validators and sanitizers
*/
function header(fields?: string | string[], message?: string): ValidationChain;Usage Examples:
import { header } from "express-validator";
// Request headers
header('authorization').notEmpty().matches(/^Bearer .+/);
header('content-type').equals('application/json');
header('x-api-key').isUUID();Cookie Validation
Creates validation chains for fields in req.cookies.
/**
* Creates validation chain for req.cookies fields
* @param fields - Field name(s) to validate
* @param message - Default error message for failed validations
* @returns ValidationChain for chaining validators and sanitizers
*/
function cookie(fields?: string | string[], message?: string): ValidationChain;Usage Examples:
import { cookie } from "express-validator";
// Cookies
cookie('sessionId').isUUID();
cookie('preferences').isJSON();
cookie('theme').isIn(['light', 'dark']);Universal Field Validation
Creates validation chains that check all request locations (body, cookies, headers, params, query).
/**
* Creates validation chain that checks all request locations
* @param fields - Field name(s) to validate
* @param message - Default error message for failed validations
* @returns ValidationChain for chaining validators and sanitizers
*/
function check(fields?: string | string[], message?: string): ValidationChain;Usage Examples:
import { check } from "express-validator";
// Checks all locations for 'id' field
check('id').isUUID();
// Useful when field could be in multiple locations
check('token').notEmpty();Custom Location Builder
Creates validation chain builders for specific location combinations.
/**
* Creates custom check function for specific locations
* @param locations - Array of locations to check
* @returns Function that creates ValidationChain for specified locations
*/
function buildCheckFunction(locations: Location[]):
(fields?: string | string[], message?: string) => ValidationChain;Usage Examples:
import { buildCheckFunction } from "express-validator";
// Custom builder for body and query only
const checkBodyAndQuery = buildCheckFunction(['body', 'query']);
// Use the custom builder
checkBodyAndQuery('searchTerm').trim().notEmpty();Chain Methods
All validation chain builders return a ValidationChain that supports:
interface ValidationChain {
// Conditional validation
if(condition: (value: any, meta: Meta) => boolean): ValidationChain;
optional(options?: { nullable?: boolean; checkFalsy?: boolean }): ValidationChain;
// Error handling
withMessage(message: string): ValidationChain;
bail(): ValidationChain;
// Negation
not: ValidationChain;
// Skip options
skipUndefined(): ValidationChain;
skipNull(): ValidationChain;
skipEmpty(): ValidationChain;
}Field Path Syntax
Express-validator supports flexible field path syntax:
- Simple fields:
'name','email' - Nested objects:
'user.profile.name','settings.theme.mode' - Array elements:
'items.0.name','users.1.email' - Wildcards:
'items.*.quantity'(matches any array index) - Multiple fields:
['name', 'email'](validates both fields with same rules)
Examples:
// Nested object validation
body('user.profile.bio').isLength({ max: 500 });
// Array validation
body('products.*.price').isDecimal({ decimal_digits: '2' });
// Multiple field validation
body(['firstName', 'lastName']).trim().notEmpty();