Of Stack

Laravel Learning Tutorial request validation Compilation

  • 2021-08-10 07:12:41
  • OfStack

Preface

This paper mainly introduces the related contents about request validation of Laravel. When writing api with laravel, when request transmitted from the front end is POST/PUT/PATH and other method, request validation needs to be done. Although validation has been done for the front-end separation program, Angular/Vue has been done for the front-end program, but json input transmitted from ajax also needs to be done at the back end.

How to write request validation gracefully? The official laravel document already contains this feature: Form Request Validation

The implementation method is as follows

You can write an JsonRequest here: 


class JsonRequest extends Illuminate\Foundation\Http\FormRequest
{
 public function rules()
 {
  $method = $this->method();
  
  assert(in_array($method, [static::METHOD_POST, static::METHOD_PUT, static::METHOD_PATCH], true));
  
  $controller = $this->route()->getController();
  $rules  = $controller::RULES;

  return ($rules[$this->method()] ?? []) + ($rules['*'] ?? []);
 }

 public function authorize()
 {
  return true;
 }
}

In this way, JsonRequest can be used in many Model Controller, such as: 


use Illuminate\Http\Request;

final class AccountController extends \App\Http\Controllers\Controller
{
 public const RULES = [
  Request::METHOD_POST => [
   'bank_account' => 'required_if:type,bank',
   'loan_account' => 'required_if:type,loan',
  ],
  Request::METHOD_PUT => [
   // ...
  ],
  '*' => [
   // ...
  ],
 ];
}

In this way, it can be verified whether the json input transmitted from the front end is legal.

(1) If the json input coming in from the front end is: 


{
 "name": "lx1036",
 "type": "loan",
 "bank_account": {
  "source": "bank",
 }
}

Then validation fails and is illegal.

(2) If the json input coming in from the front end is: 


{
 "name": "lx1036",
 "type": "bank",
 "loan_account": {
  "source": "loan",
 }
}

Then validation fails and is illegal.

In this way, json input can be verified. If it is illegal, throw 1 HttpException will be bounced back directly, which is no longer used to enter the next step of logic. For such nested json input, it is very important to use request validation to verify the relationship between objects, which can be regarded as a preliminary verification before entering the core business logic. . Of course, there is model validation when writing the table finally, so as to avoid bad data entering db.

Finally, the laravel document only talks about usage, but does not explain the principle. The code is in\ Illuminate\ Foundation\ Providers\ FormRequestServiceProvider:: class: 


 public function boot()
 {
  // \Illuminate\Foundation\Http\FormRequest use  It's over  ValidatesWhenResolvedTrait , extends  It's over  \Illuminate\Contracts\Validation\ValidatesWhenResolved
  $this->app->afterResolving(ValidatesWhenResolved::class, function ($resolved) {
   $resolved->validate();
  });

  // ...
 }

Therefore, when resolve from the container is finished\ Illuminate\ Foundation\ Http\ FormRequest, the method\ Illuminate\ Foundation\ Http\ FormRequest:: validate () will be executed immediately, which is not described in detail, but can be seen from laravel source code.

OK, in a word, when writing programs, validation is very important and needs to be written, including request, validation and model, validation. . .

Summarize

Related articles: