How to Validate Data in DRF Serializer in Django
In Django REST Framework, you validate data in a
Serializer by defining validate_fieldname methods for field-level checks or overriding the validate method for object-level validation. These methods raise serializers.ValidationError when data is invalid, ensuring clean and correct input.Syntax
To validate data in a DRF serializer, you can use two main methods:
- Field-level validation: Define a method named
validate_fieldnameto validate a specific field. - Object-level validation: Override the
validate(self, data)method to validate multiple fields together.
Both methods should raise serializers.ValidationError if validation fails.
python
from rest_framework import serializers class MySerializer(serializers.Serializer): my_field = serializers.CharField() other_field = serializers.CharField(required=False) def validate_my_field(self, value): # Field-level validation if 'bad' in value: raise serializers.ValidationError("Invalid value in my_field.") return value def validate(self, data): # Object-level validation if data.get('my_field') == 'forbidden' and data.get('other_field') == 'no': raise serializers.ValidationError("Combination of my_field and other_field is not allowed.") return data
Example
This example shows a serializer validating a username field to disallow the word 'admin' and an object-level check to ensure password and confirm_password match.
python
from rest_framework import serializers class UserSerializer(serializers.Serializer): username = serializers.CharField(max_length=100) password = serializers.CharField(write_only=True) confirm_password = serializers.CharField(write_only=True) def validate_username(self, value): if 'admin' in value.lower(): raise serializers.ValidationError("Username cannot contain 'admin'.") return value def validate(self, data): if data['password'] != data['confirm_password']: raise serializers.ValidationError("Passwords do not match.") return data # Example usage serializer = UserSerializer(data={ 'username': 'myadminuser', 'password': 'pass123', 'confirm_password': 'pass123' }) serializer.is_valid() serializer.errors
Output
{'username': ["Username cannot contain 'admin'."]}
Common Pitfalls
Common mistakes when validating data in DRF serializers include:
- Not returning the validated value in
validate_fieldnamemethods. - Forgetting to return the full
datadictionary in thevalidatemethod. - Raising generic exceptions instead of
serializers.ValidationError. - Trying to validate fields that are not declared in the serializer.
Always raise serializers.ValidationError to properly communicate validation errors to the client.
python
from rest_framework import serializers class BadSerializer(serializers.Serializer): name = serializers.CharField() def validate_name(self, value): if not value.isalpha(): # Wrong: raising generic Exception raise serializers.ValidationError("Name must be alphabetic.") return value def validate(self, data): # Wrong: forgetting to return data if data.get('name') == '': raise serializers.ValidationError("Name cannot be empty.") return data
Quick Reference
Tips for validating data in DRF serializers:
- Use
validate_fieldnamefor single field validation. - Use
validate(self, data)for cross-field validation. - Always raise
serializers.ValidationErrorwith clear messages. - Return the validated value or data after checks.
- Test validation by calling
serializer.is_valid()and checkingserializer.errors.
Key Takeaways
Use validate_fieldname methods for validating individual fields in DRF serializers.
Override the validate method for validating multiple fields together.
Always raise serializers.ValidationError to signal validation problems.
Return the validated value or data after validation methods.
Check serializer.is_valid() and serializer.errors to handle validation results.