express-validator helps check and clean user input in Express apps. It keeps your app safe and error-free.
import { body, validationResult } from 'express-validator'; app.post('/route', [ body('fieldName').validationMethod(), // more validations ], (req, res) => { const errors = validationResult(req); if (!errors.isEmpty()) { return res.status(400).json({ errors: errors.array() }); } // proceed if no errors });
Use body() to check data sent in the request body.
validationResult(req) collects errors after validations run.
body('email').isEmail()body('password').isLength({ min: 6 })
body('username').notEmpty()This Express app sets up a POST route '/register' that checks user input for email, password, and username. If input is invalid, it sends back error details. If all is good, it confirms registration.
import express from 'express'; import { body, validationResult } from 'express-validator'; const app = express(); app.use(express.json()); app.post('/register', [ body('email').isEmail().withMessage('Enter a valid email'), body('password').isLength({ min: 6 }).withMessage('Password must be 6+ chars'), body('username').notEmpty().withMessage('Username is required') ], (req, res) => { const errors = validationResult(req); if (!errors.isEmpty()) { return res.status(400).json({ errors: errors.array() }); } res.send('User registered successfully'); }); app.listen(3000, () => console.log('Server running on port 3000'));
Always call validationResult(req) inside your route handler to get validation errors.
You can chain withMessage() to customize error messages for each check.
express-validator works well with Express JSON middleware to parse request bodies.
express-validator helps check and clean user input in Express apps.
Use body() and other validators to define rules for input fields.
Check errors with validationResult(req) and respond accordingly.