1
00:00:01,060 --> 00:00:03,440
<v Instructor>So, Mongoose offers us developers</v>

2
00:00:03,440 --> 00:00:05,823
very powerful ways of validating data

3
00:00:05,823 --> 00:00:08,280
that's coming into our model.

4
00:00:08,280 --> 00:00:10,430
And so, in this video you're gonna learn

5
00:00:10,430 --> 00:00:13,093
all about data validation with Mongoose.

6
00:00:14,870 --> 00:00:18,110
Now, what exactly does validation actually mean?

7
00:00:18,110 --> 00:00:21,470
Well, validation is basically checking if the entered

8
00:00:21,470 --> 00:00:24,270
values are in the right format for each field

9
00:00:24,270 --> 00:00:27,430
in our document schema, and also that values

10
00:00:27,430 --> 00:00:30,860
have actually been entered for all of the required fields.

11
00:00:30,860 --> 00:00:33,940
Now, on the other hand, we also have sanitization,

12
00:00:33,940 --> 00:00:37,240
which is to ensure that the inputted data is

13
00:00:37,240 --> 00:00:40,250
basically clean, so that there is no malicious code

14
00:00:40,250 --> 00:00:42,240
being injected into our database,

15
00:00:42,240 --> 00:00:44,330
or into the application itself.

16
00:00:44,330 --> 00:00:47,470
So, in that step we remove unwanted characters,

17
00:00:47,470 --> 00:00:50,730
or even code, from the input data, all right?

18
00:00:50,730 --> 00:00:53,210
And this is actually a crucial step, like,

19
00:00:53,210 --> 00:00:56,180
a golden standard in back-end development.

20
00:00:56,180 --> 00:00:58,690
To never, ever accept input data

21
00:00:58,690 --> 00:01:00,690
coming from a user as it is.

22
00:01:00,690 --> 00:01:03,860
So, we always need to sanitize that incoming data.

23
00:01:03,860 --> 00:01:06,350
But, anyway, I will leave data sanitization

24
00:01:06,350 --> 00:01:08,620
for the security section of the course,

25
00:01:08,620 --> 00:01:10,070
so that in this lecture

26
00:01:10,070 --> 00:01:13,400
we can focus entirely on data validation.

27
00:01:13,400 --> 00:01:15,430
And we are doing this data validation

28
00:01:15,430 --> 00:01:17,240
right here on the model.

29
00:01:17,240 --> 00:01:20,130
And that, again, is because of the fat model

30
00:01:20,130 --> 00:01:22,110
and thin controller philosophy,

31
00:01:22,110 --> 00:01:24,230
which makes the model the perfect place

32
00:01:24,230 --> 00:01:26,770
to perform validation, right?

33
00:01:26,770 --> 00:01:29,540
And, in fact, Mongoose already comes with a bunch

34
00:01:29,540 --> 00:01:32,230
of validation tools out of the box.

35
00:01:32,230 --> 00:01:36,120
And so, let's now actually do some data validation here.

36
00:01:36,120 --> 00:01:37,680
And actually, we already did.

37
00:01:37,680 --> 00:01:41,850
So, when we used this require here, that is actually

38
00:01:41,850 --> 00:01:45,290
already a built in data validator, all right?

39
00:01:45,290 --> 00:01:48,368
So you see that we use a validator like required

40
00:01:48,368 --> 00:01:50,970
right here in the schema type options.

41
00:01:50,970 --> 00:01:54,340
And required is actually available for all the data types.

42
00:01:54,340 --> 00:01:56,870
So, not just strings, but really everything.

43
00:01:56,870 --> 00:02:00,010
Numbers, Booleans, dates, or really,

44
00:02:00,010 --> 00:02:01,930
whatever type you're using.

45
00:02:01,930 --> 00:02:04,970
Then we also have unique here, but please note,

46
00:02:04,970 --> 00:02:08,610
that this is actually, technically, not a validator.

47
00:02:08,610 --> 00:02:10,170
It will still produce an error

48
00:02:10,170 --> 00:02:12,080
when we have a duplicate name,

49
00:02:12,080 --> 00:02:15,167
but again, this is not really a validator, all right?

50
00:02:15,167 --> 00:02:17,790
But, required is a validator,

51
00:02:17,790 --> 00:02:20,403
and so I'm going to show you now another one

52
00:02:20,403 --> 00:02:23,000
which is specifically just for strings,

53
00:02:23,000 --> 00:02:26,870
which is called max length and also min length.

54
00:02:26,870 --> 00:02:28,160
So, we have max length

55
00:02:30,320 --> 00:02:32,830
and as the name says, we use this to specify

56
00:02:32,830 --> 00:02:35,470
the maximum length that a string can have.

57
00:02:35,470 --> 00:02:37,490
And if it's longer than that, well then,

58
00:02:37,490 --> 00:02:39,800
it's going to produce an error, all right?

59
00:02:39,800 --> 00:02:42,936
So, let's do that just like we did before with required,

60
00:02:42,936 --> 00:02:47,170
where we specified an array, and then set the value.

61
00:02:47,170 --> 00:02:50,940
So, let's say we want 40 as the maximum string length,

62
00:02:50,940 --> 00:02:53,920
and then, we add the error after that.

63
00:02:53,920 --> 00:02:56,850
So, basically, the error message that we get.

64
00:02:56,850 --> 00:03:01,093
So, a tour name must have

65
00:03:05,410 --> 00:03:08,693
less or equal then 40 characters.

66
00:03:10,880 --> 00:03:13,320
Okay, so, that is max length,

67
00:03:13,320 --> 00:03:15,673
and then we also have min length.

68
00:03:18,600 --> 00:03:22,480
All right, and so let's set that one to 10,

69
00:03:22,480 --> 00:03:27,480
so a tour name must have more or equal then 10 characters.

70
00:03:29,010 --> 00:03:33,590
Okay, and so just like this we have these two validators

71
00:03:33,590 --> 00:03:37,320
that are actually only available on strings, okay?

72
00:03:37,320 --> 00:03:40,690
And, so let's now actually go ahead and try that.

73
00:03:40,690 --> 00:03:42,690
So, I'm going to create a new tour here.

74
00:03:44,570 --> 00:03:46,453
And, this is not a secret tour,

75
00:03:48,050 --> 00:03:50,183
but then here the rest does not matter.

76
00:03:53,550 --> 00:03:56,100
I will just call this one Test Tour,

77
00:03:56,100 --> 00:03:58,160
and let's see how many characters we have,

78
00:03:58,160 --> 00:04:00,280
so four plus one, plus four,

79
00:04:00,280 --> 00:04:02,130
so we only have nine characters.

80
00:04:02,130 --> 00:04:05,223
And so, we should now expect to actually get an error.

81
00:04:06,490 --> 00:04:07,980
So, let's try that out.

82
00:04:07,980 --> 00:04:09,910
And, indeed, a tour name must have

83
00:04:09,910 --> 00:04:12,460
more or equal then 10 characters.

84
00:04:12,460 --> 00:04:15,873
Great, but now what about updating tours?

85
00:04:17,290 --> 00:04:19,860
So, let's get one of these here.

86
00:04:19,860 --> 00:04:23,910
So, we have this test tour two here,

87
00:04:23,910 --> 00:04:25,963
so let's try to update this one.

88
00:04:27,540 --> 00:04:30,173
So, we go to our update tour route.

89
00:04:33,690 --> 00:04:38,023
And now let's here, change the name to Test,

90
00:04:39,890 --> 00:04:43,240
send the request, and, we get the same error.

91
00:04:43,240 --> 00:04:45,540
Now, this only works because of a setting

92
00:04:45,540 --> 00:04:47,400
that we set way back,

93
00:04:47,400 --> 00:04:50,600
when we implemented this updating handler.

94
00:04:50,600 --> 00:04:53,853
So, let me quickly show that to you in the tour controller.

95
00:04:54,860 --> 00:04:57,846
Delete and update, and so it's because of this option

96
00:04:57,846 --> 00:05:00,255
here runValidators, set to true

97
00:05:00,255 --> 00:05:03,180
that the validators are run again.

98
00:05:03,180 --> 00:05:04,959
If I set it now to false,

99
00:05:04,959 --> 00:05:09,750
then Mongoose should happily accept this name.

100
00:05:09,750 --> 00:05:12,673
And indeed, it does, all right.

101
00:05:14,880 --> 00:05:17,072
So, let's set it back to something longer,

102
00:05:17,072 --> 00:05:18,453
it doesn't matter,

103
00:05:20,630 --> 00:05:24,073
okay, and if I set it back to true,

104
00:05:26,950 --> 00:05:29,070
then it should not accept it,

105
00:05:29,070 --> 00:05:33,140
and indeed, we get our error back, all right?

106
00:05:33,140 --> 00:05:34,540
So, just wanted to quickly

107
00:05:34,540 --> 00:05:36,763
show you the fact of that setting.

108
00:05:38,820 --> 00:05:42,370
All right, and so, yeah, these are now working.

109
00:05:42,370 --> 00:05:46,030
Let's try a couple of more validators here.

110
00:05:46,030 --> 00:05:48,450
For example, now on numbers.

111
00:05:48,450 --> 00:05:51,520
So, let's go here to the ratings average.

112
00:05:51,520 --> 00:05:53,370
And we know that the rating must always

113
00:05:53,370 --> 00:05:57,330
be between one and zero, and we know that a rating

114
00:05:57,330 --> 00:06:00,880
must always be between one and five, okay?

115
00:06:00,880 --> 00:06:03,680
And so, very similar to the min and max length,

116
00:06:03,680 --> 00:06:06,253
on numbers we simply have min and max.

117
00:06:08,350 --> 00:06:11,353
So, the minimum that we want is one,

118
00:06:15,240 --> 00:06:17,253
and then again our error message.

119
00:06:18,280 --> 00:06:23,280
So, rating must be above 1.0, let's say.

120
00:06:26,360 --> 00:06:29,643
And then the max is five.

121
00:06:34,040 --> 00:06:38,660
Must be below 5.0, okay,

122
00:06:38,660 --> 00:06:40,873
and let's quickly test this one as well.

123
00:06:43,300 --> 00:06:48,300
So, creating a new tour, let's call it the Test Tour Amazing

124
00:06:49,390 --> 00:06:53,933
because it has an average rating of six.

125
00:06:55,020 --> 00:06:57,680
Okay, so let's see what happens then,

126
00:06:57,680 --> 00:07:00,380
and indeed, the rating must be below five.

127
00:07:00,380 --> 00:07:03,620
Okay, and so, that again is not going to work,

128
00:07:03,620 --> 00:07:06,930
and of course it cannot be zero, either.

129
00:07:06,930 --> 00:07:10,130
So, it must be above one, and of course,

130
00:07:10,130 --> 00:07:14,650
with four, it is gonna work, and indeed, here is our tour.

131
00:07:14,650 --> 00:07:18,180
Next up, I want to restrict this difficulty value here

132
00:07:18,180 --> 00:07:20,090
to only three difficulties.

133
00:07:20,090 --> 00:07:22,480
So, easy, medium, and difficult.

134
00:07:22,480 --> 00:07:24,660
And if the user puts in something else,

135
00:07:24,660 --> 00:07:26,360
then it's not going to work.

136
00:07:26,360 --> 00:07:27,623
So, let's try that out.

137
00:07:32,660 --> 00:07:36,420
So, the validator that we use for that is called enum,

138
00:07:36,420 --> 00:07:38,850
okay, and so, here we can pass an array

139
00:07:38,850 --> 00:07:41,403
of the values, basically, that are allowed.

140
00:07:42,570 --> 00:07:47,570
So, we have easy, we have medium, and we have difficult.

141
00:07:49,550 --> 00:07:53,380
All right, now we also want to specify our error message

142
00:07:53,380 --> 00:07:56,870
here, but right now that's not really possible, right?

143
00:07:56,870 --> 00:07:59,490
I mean, if we added another argument here,

144
00:07:59,490 --> 00:08:01,330
then that would not be for the error message,

145
00:08:01,330 --> 00:08:05,540
it would of course be for yet another possible value, okay?

146
00:08:05,540 --> 00:08:08,200
And so, the solution that we need to do here,

147
00:08:08,200 --> 00:08:10,993
is to create yet another object here,

148
00:08:11,900 --> 00:08:15,613
and then, actually specify that these here are the values.

149
00:08:18,870 --> 00:08:23,560
And then, our message, all right?

150
00:08:23,560 --> 00:08:26,230
And so, this is actually how it really works.

151
00:08:26,230 --> 00:08:29,040
This notation here is really just a shorthand for

152
00:08:29,040 --> 00:08:32,763
this complete object here, all right?

153
00:08:34,760 --> 00:08:39,760
So, difficulty is either: easy, medium, or difficult.

154
00:08:45,280 --> 00:08:50,280
Okay, and so, that is a very nice, very handy validator

155
00:08:50,323 --> 00:08:53,870
that is automatically available on all strings, okay,

156
00:08:53,870 --> 00:08:57,348
so, don't try to use this one here on numbers, for example.

157
00:08:57,348 --> 00:08:59,870
This is only for strings.

158
00:08:59,870 --> 00:09:02,540
And, by the way this min and max here

159
00:09:02,540 --> 00:09:04,450
is actually not only for numbers,

160
00:09:04,450 --> 00:09:07,820
but it's also gonna work with dates, all right?

161
00:09:07,820 --> 00:09:12,820
Anyway, let's now finally test this out as well.

162
00:09:13,180 --> 00:09:15,399
So, we need to change the name,

163
00:09:15,399 --> 00:09:17,249
and in here let's put something else,

164
00:09:20,460 --> 00:09:23,233
all right, and so indeed, we get our error.

165
00:09:24,770 --> 00:09:28,080
If we now put easy, then it works.

166
00:09:28,080 --> 00:09:30,450
Okay, and that's actually all I wanted to show you

167
00:09:30,450 --> 00:09:31,780
here in this lecture,

168
00:09:31,780 --> 00:09:35,110
but there are actually a bunch of other validators.

169
00:09:35,110 --> 00:09:38,259
For example, on strings you have a match validator

170
00:09:38,259 --> 00:09:40,370
in order to check if the input

171
00:09:40,370 --> 00:09:43,090
matches a given regular expression.

172
00:09:43,090 --> 00:09:46,460
But, I believe that these ones that I just showed you here

173
00:09:46,460 --> 00:09:49,250
are the most important built in validators.

174
00:09:49,250 --> 00:09:51,450
And, for a complete list of all of them,

175
00:09:51,450 --> 00:09:54,530
of course, you can always check out the documentation.

176
00:09:54,530 --> 00:09:57,590
Now we can also specify our own validators,

177
00:09:57,590 --> 00:09:59,790
and so, that is exactly what we will do

178
00:09:59,790 --> 00:10:01,363
right in the next video.