@valkyriestudios/validator

An extensible blazing-fast javascript validator

npm install --save @valkyriestudios/validator

import Validator from '@valkyriestudios/validator';

const v = new Validator({
    first_name: 'string|min:2',
    last_name: 'string|min:2',
    old_password: '!equal_to:<password>',
    password: 'string|min:8',
    confirmation: 'equal_to:<password>',
    gender: '?in:<meta.genders>',
    age: '?integer|between:0,150',
});

const evaluation = v.validate({
    first_name: 'Peter',
    last_name: 'Vermeulen',
    old_password: 'myoldpass',
    password: 'mySecr3tPass',
    confirmation: 'mySecr3tPass',
    gender: 'm',
    meta: {
        genders: ['m','f','o']
    };
});

console.log(evaluation.is_valid); // true

When using Validator within typescript and you want to ensure a validator is fully validating the props of a specific type or interface you can pass the type as a generic when constructing a validator instance.

Example:

import Validator from '@valkyriestudios/validator';

type User {
    first_name: string;
    last_name: string;
    email: string;
}

/* Good */
const vUser = new Validator<User>({
    first_name: 'string_ne|min:2',
    last_name: 'string_ne|min:2',
    email: 'email',
});

/* Intellisense will complain because last_name and email rules are missing */
const vUser = new Validator<User>({
    first_name: 'string_ne|min:2',
});

When working with a typed validator such as in the example above, using Validator.check will also give the added bonus of acting as a type guard for the passed object.

Example:

type User = {
    uid:string;
    fname:string;
};

const v = new Validator<User>({uid: 'guid', fname: 'string_ne|min:1|max:128'});

/* At this point 'a' is still seen as 'any' by typescript */
const a = JSON.parse('{"uid":"80efa943-f88d-40a9-8378-39ed62287d05", "fname": "Peter"}');
if (!v.check(a)) return;

/* At this point 'a' is seen as an instance of User thanks to the type guard on check */
a.uid;

After a validator instance is created, you can run it as many times as you want to validate a data object passed to it. The resultset of this is called an evaluation and is returned when calling the validate function.

const myvalidator = new Validator({name: 'string_ne|min:2', age: 'integer|between:1,150'});

const evaluation = myvalidator.validate({name: 'Peter', age: '250'});
// evaluation: {
//    is_valid: false,
//    count: 1,
//    errors: {
//        age: [
//            {msg: 'integer', params: []},
//            {msg: 'between', params: ['1','150']}
//        ],
//    },
// }

// Also supports forms
const form = new FormData();
form.append('name', 'Peter');
console.log(v.validate(form).is_valid); // false

form.append('age', '40');
console.log(v.validate(form).is_valid); // true

The evaluation object consists of two keys that can be used to determine the result of the validation:

• is_valid A boolean value that tells you whether or not the validation succeeded (true) or not (false)

• count An integer value defining how many fields were invalid

• errors An object containing the errors per validated key, each key that had errors will be represented here with an array of the rules that weren't met for the provided value.

Below is an example of such behavior for a more complex validator:

const v = new Validator({
    first_name: 'string_ne|min:2',
    last_name: 'string_ne|min:2',
    address: {
        street: 'string|alpha_num_spaces',
        nr: 'integer',
        zip: 'integer|between:1000,9999',
    },
    contact: {
        email: 'email',
        phone: '?phone',
        website: '?url',
    },
});

v.validate({
    first_name: 'Peter',
    address: {street: 'Amazing Rd'},
    contact: {website: 'www.valkyriestudios.be'},
});
// evaluation: {
//    is_valid: false,
//    count: 4,
//    errors: {
//        'last_name': [
//            {msg: 'string_ne', params: []},
//            {msg: 'min', params: ['2']}
//        ],
//        'street.zip': [
//            {msg: 'integer', params: []},
//        ],
//        'street.zip': [
//            {msg: 'integer', params: []},
//            {msg: 'between', params: ['1000','9999']}
//        ],
//        'contact.email': [
//            {msg: 'email', params: []}
//        ]
//    },
// }

In case you don't need an evaluation object and are simply interested in whether or not something is valid you can also choose to work with the faster check method available on any validator instance. This method is faster than standard validation through validate due to not needing to build up a full resultset and immediately returning the moment it spots something invalid.

Take Note: When using typescript and working with a typed validator, (eg: new Validator<User>({...})) the check function also acts as a type guard for the checked data.

const v = new Validator({name: 'string_ne|min:2', age: 'integer|between:1,150'});

v.check({name: 'Peter', age: '250'}); // false
v.check({name: 'Peter', age: 20}); // true

// Also supports forms
const form = new FormData();
form.append('name', 'Peter');
v.check(form); // false

form.append('age', '40');
v.check(form); // true

Let's say you're working on backend validation and you're receiving FormData instances with Files and other raw data ... we all know that validating those can get quite complex, and then there's the conversion as well to more easily work with it server-side.

checkForm is a utility allowing you to check if a FormData instance is valid AND automatically convert it to an object if it is

Take Note:

• When using typescript and working with a typed validator, (eg: new Validator<User>({...})) the checkForm function will return an Object of type User if valid.
• checkForm is perfect for usage inside of middleware on backend endpoints

type User = {
    age: number;
    name: string;
};
const v = new Validator<User>({name: 'string_ne|min:2', age: 'integer|between:1,150'});

const form = new FormData();
form.append('name', 'Peter');
form.append('age', '34');
const result = v.checkForm(form);
if (!result) return;

... // result is typed as User here and will be {name: "Peter", age: 34}

A validator instance is reusable across multiple validation runs, it's instantiated with a set of rules that it needs to validate later down the line. These rules can go from single dimensional kv objects to multi-dimensional kv objects.

You can create very small validators ... = new Validator({email: 'email'}); to very complex validators using a simple readable syntax.

new Validator({
    address: {
        street: 'string|alpha_num_spaces',
        nr: 'integer',
        zip: 'integer|between:1000,9999',
    },
    contact: {
        email: '(email)(false)',
    },
    filters: {
        ids: '?[unique]integer|greater_than:0',
        types: '[unique|max:5]is_type',
    },
});

Validation of a value can be a simple one-off thing, or it can be a set of rules that the value needs to go through, as such a validation descriptor can contain multiple rules.

The syntax for this is best shown with a good example integer|between:1000,9999|!equal_to:5.

The | symbol is a delimiter to show where a rule ends and another rule starts. eg: integer|min:10 will evaluate the integer rule and the minimum rule with param 10

Certain rules allow for parameters to be passed, the : symbol marks where the rule name ends and the parameter (or list of parameters start). For example in equal_to:5 the name of the rule being evaluated is equal_to and the parameter that will be passed to it is: 5.

In case a rule allows for more than one parameter to be passed we can identify each distinct parameter value by separating them with the , symbol. For example in the rule between:1000,999 the list of parameters passed for evaluation to the between rule is [1000, 9999].

The ! symbol marks a rule as the opposite of what we're validation for, meaning that we should revert the validation, another example is !equal_to:foo, which means accept anything that is not equal to foo. This can be used with any rule (including custom ones) as well as parameterized rules. For example: !equal_to:<otherfield> would mean only validate as true if the value being passed is not equal to the value of the otherfield prop in our data object.

Validation sometimes requires context, this context is usually linked to other variables in the data object that is being validated. Think of a password confirmation that needs to be matched, or a string that needs to be in a provided string of arrays. For this we've added the ability to parameterize your ruleset.

Parameterization happens through the following syntax <myparam> where myparam is the key of the value it needs to link to in the data object.

Example of a parameterized equal to rule:

const v = new Validator({a: 'equal_to:<b>'});

v.check({a: 'hello', b: 'world'}); // false
v.check({a: 'foo', b: 'foo'}); // true

Example of a parameterized greater_than rule:

const v = new Validator({a: 'greater_than:<b>'});

v.check({a: 50, b: 40}); // true
v.check({a: 10, b: 20}); // false

Take note: Custom rules (see below) do not need any special definition for this to work.

In some cases you only want to validate a specific key if it is passed, if not you don't want to run the validations. To allow for this we've added the ? flag.

To make use of the ? flag, place it at the very start of the defined rule.

Example of an optional rule:

const v = new Validator({gender: '?string|in:<genders>'});

v.check({genders: ['m', 'f', 'o']}); // true
v.check({gender: 'X', genders: ['m', 'f', 'o']}); // false

In some cases you want to validate the exact opposite of a rule, for example if you want to validate that something is not in a set, not equal to something, not of a certain type, not ... (you catch my drift). To allow for this we've added the ! flag.

To make use of the ! flag, place it at the very start of any condition (including your own conditions that are defined through extension).

Examples of opposite validations:

const v = new Validator({
    password: 'string|min:8',
    password_old: 'string|min:8|!equal_to:<password>',
});

v.check({password: 'mysecretpass', password_old: 'mysecretpass'}); // false
v.check({password: 'mysecretpass', password_old: 'myoldpass'}); // true

Often, we have to deal with things such as validation of sets of data, good examples might be filters where you can have multi-selection. To tackle the concept of array or KV-map validation you can treat any rule as an iterable rule by prefixing [] in front of it.

For example the rule: integer|greater_than:0 will validate that the provided value is an integer greater than 0, but if we expect an array of integers that need to be greater than 0 we can use the following: []integer|greater_than:0.

const v = new Validator({
    ids: '[]integer|greater_than:0',
});

v.check({ids: 5}); // false
v.check({ids: [5]}); // true

In case you need to validate a KV-Map where each value needs to be valid according to the same rule swap out the [] prefix for {}.

Validator.extendSchema('user', {first_name: 'string_ne|min:2'});

const v = new Validator({users: '{min:1}user'});

v.check({users: {}}); // false
v.check({users: {
    peter: {first_name: 'Peter'},
}}); // true
v.check({users: {
    peter: {first_name: 'Peter'},
    jake: {first_name: null}
}}); // false

We understand that array or KV-map validation requires just a tad more control, as such you can pass the following options to the iterable in the rule.

These options can be combined as well. For example the following rule will ensure that only a unique array with minimum 1 and maximum 4 elements can be passed, and that each element passes a custom rule (see extending) called is_fruit:

Validator.extend('is_fruit', val => ['apple', 'orange', 'pear'].indexOf(val) >= 0);

const validator = new Validator({fruits: `[unique|min:1|max:4]is_fruit`});
validator.check({fruits: ['apple', 'orange']}); // true
validator.check({fruits: ['apple', 'apple', 'orange']}); // false (not unique)
validator.check({fruits: []}); // false (min: 1)
validator.check({fruits: ['apple', 'dog', 'orange']}); // false (is_fruit)
validator.check({fruits: ['apple', 'dog', 'orange', 'pear', 'pear']}); // false (is_fruit and over max)

Every now and then we want to validate whether or not something is either A or B, for example whether or not a value is an email or its false. To tackle this notion of something being valid in multiple ways you can employ an or group, for example to validate whether or not something is either an email or false we can do the following:

const v = new Validator({a: '(email)(false)'});
v.check({a: false}); // true
v.check({a: 'contact@valkyriestudios.be'}); // true
v.check({}); // false
v.check({a: 'foobar'}); // false
v.check({a: true}); // false

OR groups can be combined with the ? sometimes flag as well like ?(email)(false) which would have the following behavior:

const v = new Validator({a: '(email)(false)'});
v.check({a: false}); // true
v.check({a: 'contact@valkyriestudios.be'}); // true
v.check({}); // true
v.check({a: 'foobar'}); // false
v.check({a: true}); // false

And can also be combined with other operators to form more complex rules such as:

const v = new Validator({a: '?(integer|between:1,150|!between:50,100)(integer|between:-1,-150)'});
v.check({a: 0}); // false
v.check({a: 20}); // true
v.check({}); // true
v.check({a: -20}); // true
v.check({a: 65}); // false

And even with array combinators:

const v = new Validator({a: '(email)([unique|min:1]email)');
v.check({a: 'contact@valkyriestudios.be'}); // true
v.check({a: ['contact@valkyriestudios.be', 'peter@valkyriestudios.be'}); // true
v.check({a: ['contact@valkyriestudios.be', 'contact@valkyriestudios.be']}); // false

Take note: When using the .validate method the evaluation result for a descriptor working with OR groups will be multi-dimensional like this:

const v = new Validator({
    contact: {
        email: '(email)(false)',
        address: '?string_ne',
    },
});
const evaluation = v.validate({contact: {address: 'bla'}});
//  {
//      is_valid: false,
//      count: 1,
//      errors: {
//          'contact.email': [
//              [
//                  {msg: 'email', params: []}
//              ], [
//                  {msg: 'false', params: []}
//              ]
//          ]
//      }
//  }

The below section describes 4 different ways to extend the base set of rules that already exist within the validator. It needs to be mentioned that the validator's rules are centrally stored, meaning that these extensions only need to be run once and don't necessarily need to be run in the same file :)

A validator library can/should only provide the default rules that would cover 90% of the validation use cases, however some validations are custom to your specific case, as such you can add your own custom rules through the extend static function on the Validator class.

Adding a rule to the Validator is global and shared among all other validator instances, so it's advised to do this at boot.

Example of a rule that will validate whether a string is a user role:

Validator.extend('user_role', val =>  ['admin', 'user', 'guest'].includes(val));

(new Validator({a: 'user_role'})).check({a: 'owner'}); // false
(new Validator({a: 'user_role'})).check({a: 'admin'}); // true

Example of a rule that will validate whether an integer is the double of a provided parameter

Validator.extend('is_double', (val, param) => val === (param * 2));

const v = new Validator({a: 'is_double:<b>'});

v.check({a: 6, b: 4}); // false
v.check({a: 8, b: 4}); // true

If you see the need to add a group of custom rules, this can also be done through Validator.extendMulti:

Validator.extendMulti({
    ...
    is_fruit: val => ['apple', 'pear', 'orange'].indexOf(val) >= 0,
    is_animal: val => ['dog', 'cat', 'horse'].indexOf(val) >= 0,
    is_pet: val => ['dog', 'cat'].indexOf(val) >= 0,
    ...
});

Most applications are structured around a series of models, for example a User, Location, Company model. In most real-world scenarios these models will need to be validated the same wherever they're being used. To make this validation easier we've introduced a method to allow extending the validator with a rule that validates an object according to a series of rules.

For example a user model that can contain a first_name, last_name, email, phone and time zone could be registered as follows:

Validator.extendSchema('user', {
    first_name: 'string_ne|min:3',
    last_name: 'string_ne|min:3',
    email: 'email',
    phone: 'phone',
    zone: 'time_zone',
});

const v = new Validator({a: 'user'});
v.check({a: {
    first_name: 'Peter',
    last_name: 'Vermeulen',
    email: 'contact@valkyriestudios.be',
}}); // false
v.check({a: {
    first_name: 'Peter',
    last_name: 'Vermeulen',
    email: 'contact@valkyriestudios.be',
    phone: '(555) 123 4567',
    zone: 'America/New_York',
}}); // true

As with all other ways of extending the Validator these defined rules can also be called directly:

Validator.rules.user({first_name: 'Peter'}); // false

Quicktip: When using typescript you can also ensure that your Validator schema extensions stay aligned with your defined types and interfaces. In the following example intellisense will complain about the address schema not being aligned with the address type.

import Validator from '@valkyriestudios/validator';

type User = {
    first_name: string;
    last_name: string;
    email: string;
    phone: string;
}

type Address = {
    street: string;
    city: string;
    zip: string;
    number: string;
}

Validator.extendSchema<User>('user', {
    first_name: 'string_ne|min:3',
    last_name: 'string_ne|min:3',
    email: 'email',
    phone: 'phone',
});

Validator.extendSchema<Address>('address', {
    street: 'string_ne|min:2',
    city: 'string_ne|min:2',
    number: 'string_ne|min:2',
    //  Typescript will complain about 'zip' not being part of this
});

Quicktip: Given that Validator is a global singleton it is beneficial to centralize schema extension, as you only need to register them once.

In most real-world scenarios we often need to validate whether or not a provided value is in a fixed set. The above extendMulti example is one way of doing so but in many use cases those predefined sets come from somewhere else. To make it easier to define/use them you can make use of the static Validator.extendEnum method.

This method expects a kv-map where the key is the name we want to validate with and the value is an array of strings/numbers that is our set. An example of this behavior can be found below (using the example from extendMulti):

Validator.extendEnum({
    is_fruit    : ['apple', 'pear', 'orange'],
    is_animal   : ['dog', 'cat', 'horse'],
    is_pet      : ['dog', 'cat'],
});

Of course the below would also work in case the sets are coming from somewhere else:

import FRUITS from '...'; // Eg: FRUITS {APPLE: 'apple', PEAR: 'pear', ORANGE: 'orange'}
import ANIMALS from '...'; // Eg: ANIMALS {DOG: 'dog', CAT: 'cat', HORSE: 'horse'}
import PETS from '..'; // Eg: PETS {DOG: 'dog', CAT: 'cat'}

Validator.extendEnum({
    is_fruit    : Object.values(FRUITS),
    is_animal   : Object.values(ANIMALS),
    is_pet      : Object.values(PETS),
});

Take Note: In most real-world use cases enumerations don't tend to change at runtime, in case this does happen you can always re-run the enum extension, for example:

Validator.extendEnum({FRUITS: ['apple', 'pear']});
const v = new Validator({val: 'FRUITS'});

v.check('banana'); // false

Validator.extendEnum({FRUITS: ['apple', 'pear', 'banana']});

v.check('banana'); // true

Every now and them we need to validate whether or not a provided value is valid according to a certain pattern, more often than not we employ a regex to do so. To make it easier to define/use them you can make use of the static Validator.extendRegex method.

This method expects a kv-map where the key is the name we want to validate with and the value is a regex (either created through /.../ syntax or new RegExp(...);. For example let's say we wanted to adjust our fruist/animal validation from above and turn it into a regex to also validate on whether or not they match the capitalized version of them. We could do so as follows:

Validator.extendRegex({
    is_fruit    : /^((a|A)pple|(p|P)ear|(o|O)range)$/g,
    is_animal   : /^((d|D)og|(c|C)at|(h|H)orse)$/g,
    is_pet      : /^((d|D)og|(c|C)at)$/g,
});

Take Note: In most real-world use cases regexes don't tend to change at runtime, however in case this does happen you can always re-run the regex extension, for example:

Validator.extendRegex({FRUITS: /^(apple|pear)$/g});

const v = new Validator({val: 'FRUITS'});
v.check('banana'); // false

Validator.extendRegex({FRUITS: /^(apple|pear|banana)$/g});
v.check('banana'); // true

Cautionary Note: Regex can be incredibly powerful as long as you know how to wield it, it can however also lead to inperformance if not written correctly. If you want to learn more about Regex performance feel free to peruse this article regarding what is colloquially known as Evil RegEx.

If you see the need to directly use the validation rule functions without a validator instance, or want to check internal state you can use the Validator.rules static.

Validator.rules.phone('+32 487 61 59 82'); // true
Validator.rules.email('contact@valkyriestudios.be'); // true

This also goes for enumeration and regex rules:

Validator.extendEnum({NAMES: ['Peter', 'John']});
Validator.extendRegex({fruits: /^(appl(e|3)|pear)$/g});
Validator.rules.NAMES('Peter'); // true
Validator.rules.NAMES('Jack'); // false
Validator.rules.fruits('apple'); // true
Validator.rules.fruits('appl2'); // false
Validator.rules.fruits('appl3'); // true

The following list shows you all the default rules that are provided by this library, feel free to write your own or open a PR to extend on this set!

• Peter Vermeulen
• SpekkoRice