0
0
Expressframework~5 mins

File type validation in Express

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Introduction

File type validation helps make sure users upload only allowed file types. This keeps your app safe and working well.

When users upload profile pictures and you want only images like .jpg or .png
When accepting documents and you want to allow only .pdf or .docx files
When you want to block harmful files like .exe or scripts from being uploaded
When you want to control storage space by limiting file types
When you want to improve user experience by giving clear feedback on wrong file types
Syntax
Express
const multer = require('multer');

const fileFilter = (req, file, cb) => {
  if (file.mimetype === 'allowed/type') {
    cb(null, true); // accept file
  } else {
    cb(null, false); // silently reject file
  }
};

const upload = multer({ fileFilter });

The fileFilter function checks the file's MIME type.

Call cb(null, true) to accept or cb(null, false) to silently reject.

Examples
This example allows only JPEG and PNG image files.
Express
const fileFilter = (req, file, cb) => {
  if (file.mimetype === 'image/jpeg' || file.mimetype === 'image/png') {
    cb(null, true);
  } else {
    cb(null, false);
  }
};
This example allows only PDF and Word document files.
Express
const fileFilter = (req, file, cb) => {
  const allowedTypes = ['application/pdf', 'application/msword'];
  if (allowedTypes.includes(file.mimetype)) {
    cb(null, true);
  } else {
    cb(null, false);
  }
};
Sample Program

This Express app uses multer to accept file uploads at /upload. The fileFilter allows only JPEG and PNG images. If a user uploads a different file type, the server responds with an error message.

Express
const express = require('express');
const multer = require('multer');

const app = express();

const fileFilter = (req, file, cb) => {
  if (file.mimetype === 'image/jpeg' || file.mimetype === 'image/png') {
    cb(null, true);
  } else {
    cb(new Error('Only JPEG and PNG files are allowed'), false);
  }
};

const upload = multer({ fileFilter });

app.post('/upload', upload.single('photo'), (req, res) => {
  res.send('File uploaded successfully');
});

app.use((err, req, res, next) => {
  if (err) {
    res.status(400).send(err.message);
  } else {
    next();
  }
});

app.listen(3000, () => {
  console.log('Server started on http://localhost:3000');
});
OutputSuccess
Important Notes

Always check file.mimetype to validate file types securely.

Handle errors from fileFilter to inform users about invalid files.

Combine file type validation with file size limits for better control.

Summary

File type validation ensures only allowed files are uploaded.

Use multer's fileFilter function to check file MIME types.

Provide clear error messages when users upload wrong file types.