Bird
Raised Fist0
Expressframework~5 mins

Custom validation rules in Express - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is a custom validation rule in Express?
A custom validation rule is a user-defined function that checks if input data meets specific conditions beyond built-in validations.
Click to reveal answer
beginner
How do you add a custom validation rule using express-validator?
Use the .custom() method on a validation chain and provide a function that returns true or throws an error if validation fails.
Click to reveal answer
intermediate
What should a custom validation function return or throw?
It should return true if validation passes or throw an error (or return a rejected promise) if validation fails.
Click to reveal answer
intermediate
Why use custom validation rules instead of built-in ones?
Custom rules let you check complex or unique conditions specific to your app that built-in validators can't handle.
Click to reveal answer
beginner
Give an example of a simple custom validation rule in Express.
Example: .custom(value => { if (!value.startsWith('A')) throw new Error('Must start with A'); return true; }) checks if input starts with 'A'.
Click to reveal answer
Which method is used to create a custom validation rule in express-validator?
A.validate()
B.custom()
C.checkCustom()
D.rule()
What should a custom validation function do if the input is invalid?
AIgnore the input
BReturn true
CReturn false silently
DThrow an error or return a rejected promise
Why might you need a custom validation rule?
ATo handle unique or complex input checks not covered by built-in validators
BTo speed up server response
CTo check simple required fields
DTo replace all built-in validators
Which package is commonly used with Express for validation including custom rules?
Aexpress-validator
Bbody-parser
Ccors
Dmongoose
What happens if a custom validation function returns true?
AValidation is skipped
BValidation fails
CValidation passes
DServer crashes
Explain how to create and use a custom validation rule in Express with express-validator.
Think about how you tell express-validator to run your own check.
You got /4 concepts.
    Why are custom validation rules important in web applications using Express?
    Consider what built-in validators might miss.
    You got /4 concepts.

      Practice

      (1/5)
      1. What is the main purpose of using custom() in Express validation?
      easy
      A. To format the response JSON
      B. To automatically sanitize all inputs
      C. To connect to the database
      D. To create your own rules for checking input values

      Solution

      1. Step 1: Understand the role of custom()

        The custom() method allows you to write your own validation logic beyond built-in checks.

      2. Step 2: Identify the purpose in input validation

        It is used to check inputs with rules you define, like checking a password strength or a special format.

      3. Final Answer:

        To create your own rules for checking input values -> Option D

      4. Quick Check:

        Custom validation = custom rules [OK]
      Hint: Custom means you write your own check function [OK]
      Common Mistakes:
      • Thinking custom() sanitizes inputs automatically
      • Confusing custom() with response formatting
      • Assuming custom() connects to databases
      2. Which of the following is the correct syntax to add a custom validation rule using Express Validator?
      easy
      A. check('age').custom(value => { if(value < 18) throw new Error('Too young'); return true; })
      B. check('age').custom(value => value < 18 ? true : false)
      C. check('age').custom(value => { return false; })
      D. check('age').custom(value => { throw 'Error'; })

      Solution

      1. Step 1: Review correct custom validation syntax

        The function inside custom() should throw an error if validation fails and return true if it passes.

      2. Step 2: Analyze each option

        check('age').custom(value => { if(value < 18) throw new Error('Too young'); return true; }) throws an error when value is less than 18 and returns true otherwise, which is correct. check('age').custom(value => value < 18 ? true : false) returns true when value is less than 18, which is opposite logic. check('age').custom(value => { return false; }) always returns false, which fails validation. check('age').custom(value => { throw 'Error'; }) throws an error unconditionally, so it always fails.

      3. Final Answer:

        check('age').custom(value => { if(value < 18) throw new Error('Too young'); return true; }) -> Option A

      4. Quick Check:

        Throw error on fail, return true on pass [OK]
      Hint: Throw error to fail, return true to pass [OK]
      Common Mistakes:
      • Returning false instead of throwing error
      • Throwing error without condition
      • Returning true on invalid input
      3. Given this code snippet, what will be the validation result if req.body.username is "abc"? 
      check('username').custom(value => {
  if(value.length < 5) throw new Error('Too short');
  return true;
})
      medium
      A. Validation fails with 'Too short' error
      B. Validation passes
      C. Validation fails with syntax error
      D. Validation passes but logs a warning

      Solution

      1. Step 1: Check the input value length

        The input "abc" has length 3, which is less than 5.

      2. Step 2: Apply the custom validation logic

        The function throws an error 'Too short' if length is less than 5, so it throws an error here causing validation to fail.

      3. Final Answer:

        Validation fails with 'Too short' error -> Option A

      4. Quick Check:

        Input too short = error thrown [OK]
      Hint: Check input length against condition in custom() [OK]
      Common Mistakes:
      • Assuming validation passes for short input
      • Confusing error throwing with warnings
      • Expecting syntax errors from valid code
      4. Identify the error in this custom validation code: 
      check('email').custom(value => {
  if(!value.includes('@'))
    return new Error('Invalid email');
  return true;
})
      medium
      A. The function must return false instead of true
      B. The condition should check for '.' instead of '@'
      C. It should throw an error, not return it
      D. No error, code is correct

      Solution

      1. Step 1: Understand error signaling in custom validation

        Custom validators must throw an error to indicate failure, not return an Error object.

      2. Step 2: Analyze the given code

        The code returns new Error('Invalid email') instead of throwing it, so validation will not fail as expected.

      3. Final Answer:

        It should throw an error, not return it -> Option C

      4. Quick Check:

        Throw error to fail validation [OK]
      Hint: Throw errors, don't return them in custom() [OK]
      Common Mistakes:
      • Returning Error object instead of throwing
      • Checking wrong condition for email
      • Returning false instead of throwing error
      5. You want to create a custom validation rule that checks if a password contains at least one uppercase letter, one number, and is at least 8 characters long. Which of these implementations correctly achieves this?
      hard
      A. check('password').custom(value => { if(value.length < 8) return false; if(!/[A-Z]/.test(value)) return false; if(!/\d/.test(value)) return false; return true; })
      B. check('password').custom(value => { if(!/[A-Z]/.test(value)) throw new Error('Missing uppercase'); if(!/\d/.test(value)) throw new Error('Missing number'); if(value.length < 8) throw new Error('Too short'); return true; })
      C. check('password').custom(value => { if(value.length < 8) throw 'Too short'; if(!/[A-Z]/.test(value)) throw 'Missing uppercase'; if(!/\d/.test(value)) throw 'Missing number'; return false; })
      D. check('password').custom(value => { if(value.length >= 8 && /[A-Z]/.test(value) && /\d/.test(value)) return true; else return false; })

      Solution

      1. Step 1: Check each condition with proper error throwing

        check('password').custom(value => { if(!/[A-Z]/.test(value)) throw new Error('Missing uppercase'); if(!/\d/.test(value)) throw new Error('Missing number'); if(value.length < 8) throw new Error('Too short'); return true; }) checks each condition separately and throws a specific error if it fails, returning true only if all pass.

      2. Step 2: Compare other options for correctness

        check('password').custom(value => { if(value.length < 8) return false; if(!/[A-Z]/.test(value)) return false; if(!/\d/.test(value)) return false; return true; }) returns false instead of throwing errors, which is incorrect. check('password').custom(value => { if(value.length < 8) throw 'Too short'; if(!/[A-Z]/.test(value)) throw 'Missing uppercase'; if(!/\d/.test(value)) throw 'Missing number'; return false; }) throws string errors and returns false at the end, which breaks the rule of returning true on success. check('password').custom(value => { if(value.length >= 8 && /[A-Z]/.test(value) && /\d/.test(value)) return true; else return false; }) returns false instead of throwing an error if conditions fail, which is incorrect.

      3. Final Answer:

        check('password').custom(value => { if(!/[A-Z]/.test(value)) throw new Error('Missing uppercase'); if(!/\d/.test(value)) throw new Error('Missing number'); if(value.length < 8) throw new Error('Too short'); return true; }) -> Option B

      4. Quick Check:

        Throw specific errors, return true if all pass [OK]
      Hint: Throw specific errors for each fail, return true if all pass [OK]
      Common Mistakes:
      • Returning false instead of throwing errors
      • Throwing strings instead of Error objects
      • Returning false on success