Detailed explanation of writing request validation in Laravel

Preface

This article mainly introduces you to the relevant content about request validation writing in Laravel. When writing api with laravel, the request passed in from the front end is POST. /PUT/PATH and other methods require request validation. Although for the front-end and back-end separation programs, the front-end program Angular/Vue has already done validation, but the json input passed by ajax also needs to be validated on the back end.

So how to write request validation elegantly? Laravel official documentation already contains this feature: Form Request Validation

The implementation method is as follows

You can write a JsonRequest here:

class JsonRequest extends Illuminate\Foundation\Http\FormRequest
{
 public function rules()
 {
  $method = $this->method();
  
  assert(in_array($method, [static::METHOD_POST, static::METHOD_PUT, static::METHOD_PATCH], true));
  
  $controller = $this->route()->getController();
  $rules  = $controller::RULES;

  return ($rules[$this->method()] ?? []) + ($rules['*'] ?? []);
 }

 public function authorize()
 {
  return true;
 }
}

This way you can use JsonRequest in many Model Controllers, such as:

use Illuminate\Http\Request;

final class AccountController extends \App\Http\Controllers\Controller
{
 public const RULES = [
  Request::METHOD_POST => [
   'bank_account' => 'required_if:type,bank',
   'loan_account' => 'required_if:type,loan',
  ],
  Request::METHOD_PUT => [
   // ...
  ],
  '*' => [
   // ...
  ],
 ];
}

This way you can verify whether the json input passed in by the front end is legal.

(1) If the json input passed in from the front end is:

{
 "name": "lx1036",
 "type": "loan",
 "bank_account": {
  "source": "bank",
 }
}

, then the validation fails and is illegal.

(2) If the json input passed in from the front end is:

{
 "name": "lx1036",
 "type": "bank",
 "loan_account": {
  "source": "loan",
 }
}

, then the validation fails and is illegal.

In this way, the json input can be verified. If it is illegal, it will directly bounce and throw an HttpException, which is no longer used to enter the next step of logic. For such nested json input, it is important to use request validation to verify the relationship between objects. It can be regarded as a preliminary verification before entering the core business logic. . Of course, there is model validation when writing the table at the end to prevent bad data from entering the db.

Last point, the laravel documentation only talks about usage, but does not explain the principle. The code is in \Illuminate\Foundation\Providers\FormRequestServiceProvider::class:

 public function boot()
 {
  // \Illuminate\Foundation\Http\FormRequest use 了 ValidatesWhenResolvedTrait，extends 了 \Illuminate\Contracts\Validation\ValidatesWhenResolved
  $this->app->afterResolving(ValidatesWhenResolved::class, function ($resolved) {
   $resolved->validate();
  });

  // ...
 }

So when \Illuminate\Foundation\Http\FormRequest is resolved from the container, \Illuminate\Foundation\Http\FormRequest will be executed immediately: :validate() method, no details are given, please refer to laravel source code.

OK, in short, when writing a program, validation is very important and needs to be written, including request validation and model validation. . .

Summarize

The above is the detailed content of Detailed explanation of writing request validation in Laravel. For more information, please follow other related articles on the PHP Chinese website!