Skip to main content
Version: Next

Miscellaneous

buildCheckFunction()

import { buildCheckFunction } from 'express-validator';
buildCheckFunction(locations: Location[]): (
fields?: string | string[],
message?: FieldMessageFactory | ErrorMessage,
) => ValidationChain

Creates a variant of the check() function that checks only the given request locations.

const bodyOrQuery = buildCheckFunction(['body', 'query']);
app.put(
'/update-product',
// id must be either in req.body or req.query, and must be an UUID
bodyOrQuery('id').isUUID(),
productUpdateHandler,
);

TypeScript types

ContextRunner

interface ContextRunner {
run(req: Request, options?: { dryRun: boolean }): Promise<Result>;
}

Interface implemented by all middlewares which run some sort of validation/sanitization.

Returns a promise for a Result exclusive to that validation chain/middleware.

import { check } from 'express-validator';
app.post('/recover-password', (req, res) => {
const result = await check('username').notEmpty().run(req);
if (!result.isEmpty()) {
return res.send('Something is wrong with the username.');
}
});

By default, the validation and sanitization results are persisted back into req, which means that

  • calling validationResult(req) will include the results for this validation
  • a sanitized field wil be updated on the request, such as body('message').trim() will update req.body.message.

This behavior can be changed by setting options.dryRun to true, which will simply run the validations and return the result.

import { check } from 'express-validator';
app.post('/login', (req, res) => {
const usernameResult = await check('username').notEmpty().run(req, { dryRun: true });
const passwordResult = await check('password').notEmpty().run(req, { dryRun: false });
const result = validationResult(req);
// `result` won't include errors from `usernameResult`,
// but will include those from `passwordResult`
});

Location

type Location = 'body' | 'cookies' | 'headers' | 'params' | 'query';

Represents one of the request locations: req.body, req.cookies, req.headers, req.params and req.query.