Bird
Raised Fist0
Expressframework~20 mins

Validating body fields in Express - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
Body Field Validation Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What is the output when sending a POST request with missing required fields?

Consider this Express route that validates the presence of 'username' and 'password' in the request body. What response will the server send if the client sends a POST request with an empty JSON body?

Express
const express = require('express');
const app = express();
app.use(express.json());

app.post('/login', (req, res) => {
  const { username, password } = req.body;
  if (!username || !password) {
    return res.status(400).json({ error: 'Missing username or password' });
  }
  res.status(200).json({ message: 'Login successful' });
});
AStatus 404 with JSON { error: 'Not found' }
BStatus 400 with JSON { error: 'Missing username or password' }
CStatus 500 with JSON { error: 'Server error' }
DStatus 200 with JSON { message: 'Login successful' }
Attempts:
2 left
💡 Hint

Think about what happens when required fields are missing in the request body.

📝 Syntax
intermediate
2:00remaining
Which option correctly validates that 'email' is a non-empty string in the request body?

Which code snippet correctly checks that the 'email' field exists and is a non-empty string in an Express POST route?

Express
app.post('/subscribe', (req, res) => {
  // validation here
});
Aif (req.body.email !== undefined) { res.send('Valid'); } else { res.status(400).send('Invalid email'); }
Bif (req.body.email) { res.send('Valid'); } else { res.status(400).send('Invalid email'); }
Cif (req.body.email.length > 0) { res.send('Valid'); } else { res.status(400).send('Invalid email'); }
Dif (typeof req.body.email === 'string' && req.body.email.trim() !== '') { res.send('Valid'); } else { res.status(400).send('Invalid email'); }
Attempts:
2 left
💡 Hint

Check both type and content to ensure 'email' is a non-empty string.

🔧 Debug
advanced
2:00remaining
What is the response when sending a POST request with missing 'age' field?

Look at this Express route snippet. What response will the server send if the client sends a POST request without the 'age' field?

Express
app.post('/profile', (req, res) => {
  const { age } = req.body;
  if (age && typeof age === 'number' && age > 0) {
    res.send('Valid age');
  } else {
    res.status(400).send('Invalid age');
  }
});
ABecause 'age' is undefined, the condition 'age && ...' is skipped, so it returns 200 (Valid age).
BBecause 'age' is undefined, the condition 'age && ...' is false, so it returns 200 (Valid age).
CBecause 'age' is undefined, the condition 'age && ...' is false, so it returns 400 (Invalid age).
DBecause 'age' is undefined, destructuring throws an error, resulting in status 500.
Attempts:
2 left
💡 Hint

Think about how JavaScript treats undefined in logical AND expressions.

state_output
advanced
2:00remaining
What is the response when sending a POST with 'age' as a string '25'?

Given this Express route, what response will the server send if the client sends { "age": "25" } in the JSON body?

Express
app.post('/check-age', (req, res) => {
  const { age } = req.body;
  if (typeof age === 'number' && age >= 18) {
    res.status(200).json({ message: 'Access granted' });
  } else {
    res.status(403).json({ message: 'Access denied' });
  }
});
AStatus 403 with JSON { message: 'Access denied' }
BStatus 200 with JSON { message: 'Access granted' }
CStatus 400 with JSON { error: 'Invalid age type' }
DStatus 500 with JSON { error: 'Server error' }
Attempts:
2 left
💡 Hint

Check the type of 'age' in the condition.

🧠 Conceptual
expert
3:00remaining
Which middleware approach best ensures all required body fields are validated before route handlers?

You want to validate that the request body contains 'name', 'email', and 'password' fields before any route handler runs. Which approach below best achieves this in Express?

ACreate a middleware function that checks these fields and calls next() if valid or sends 400 error if not; use app.use() to apply it globally.
BAdd validation code inside each route handler separately to check the fields before processing.
CUse a try-catch block inside each route handler to catch missing fields errors.
DRely on client-side validation only and do not validate on the server.
Attempts:
2 left
💡 Hint

Think about reusability and centralizing validation logic.

Practice

(1/5)
1. What is the main reason to validate fields in req.body in an Express app?
easy
A. To log user data for analytics
B. To speed up the server response time
C. To change the data format automatically
D. To ensure the data received is complete and correct before processing

Solution

  1. Step 1: Understand the purpose of validation

    Validation checks if the data sent by the user is complete and correct.

  2. Step 2: Identify the benefit of validation

    It prevents errors and security issues by stopping bad data early.

  3. Final Answer:

    To ensure the data received is complete and correct before processing -> Option D

  4. Quick Check:

    Validation = Check data correctness [OK]
Hint: Validation means checking data before use [OK]
Common Mistakes:
  • Thinking validation speeds up server
  • Assuming validation changes data format
  • Confusing validation with logging
2. Which middleware is required to parse JSON body data in Express before validating fields?
easy
A. express.json()
B. express.static()
C. express.urlencoded()
D. express.raw()

Solution

  1. Step 1: Identify middleware for JSON parsing

    express.json() parses incoming JSON request bodies into JavaScript objects.

  2. Step 2: Compare with other middleware

    express.urlencoded() parses URL-encoded data, express.static() serves files, express.raw() parses raw buffer data.

  3. Final Answer:

    express.json() -> Option A

  4. Quick Check:

    JSON body parsing = express.json() [OK]
Hint: Use express.json() to parse JSON body data [OK]
Common Mistakes:
  • Using express.static() for body parsing
  • Confusing urlencoded with JSON parsing
  • Skipping middleware before validation
3. Given this Express route, what will be the response if req.body.name is missing? 
app.post('/user', (req, res) => {
  if (!req.body.name) {
    return res.status(400).send('Name is required');
  }
  res.send(`Hello, ${req.body.name}`);
});
medium
A. Hello, undefined
B. Name is required
C. 500 Internal Server Error
D. Empty response

Solution

  1. Step 1: Check the condition for missing name

    The code checks if req.body.name is falsy (missing or empty).

  2. Step 2: Understand the response when name is missing

    If missing, it sends status 400 with message 'Name is required'.

  3. Final Answer:

    Name is required -> Option B

  4. Quick Check:

    Missing name triggers 400 error message [OK]
Hint: Missing field triggers error response [OK]
Common Mistakes:
  • Assuming undefined is sent as name
  • Expecting server error instead of 400
  • Thinking response is empty
4. What is wrong with this Express validation code? 
app.post('/login', (req, res) => {
  if (req.body.username === undefined || req.body.password === undefined) {
    res.status(400).send('Missing fields');
  }
  res.send('Login success');
});
medium
A. It should check for null instead of undefined
B. It uses strict equality instead of loose equality
C. It does not stop execution after sending error response
D. It should use res.json() instead of res.send()

Solution

  1. Step 1: Analyze the error handling flow

    The code sends a 400 error but does not return or stop, so it continues to send success response.

  2. Step 2: Identify the fix

    Adding 'return' before res.status(400).send(...) stops further execution.

  3. Final Answer:

    It does not stop execution after sending error response -> Option C

  4. Quick Check:

    Missing return causes double response [OK]
Hint: Return after sending error to stop code [OK]
Common Mistakes:
  • Ignoring missing return after res.send()
  • Confusing equality checks with flow control
  • Thinking res.json() is required for errors
5. You want to validate that req.body.age is a number greater than 18 before processing. Which code snippet correctly validates this and sends a 400 error if invalid?
hard
A. if (!req.body.age || typeof req.body.age !== 'number' || req.body.age <= 18) { return res.status(400).send('Age must be a number over 18'); }
B. if (req.body.age <= 18) { res.status(400).send('Age must be over 18'); }
C. if (typeof req.body.age === 'string' && req.body.age > 18) { return res.status(400).send('Invalid age'); }
D. if (!req.body.age || req.body.age < 18) { res.send('Age is valid'); }

Solution

  1. Step 1: Check for presence and type of age

    Code verifies age exists and is a number using typeof.

  2. Step 2: Check age value is greater than 18

    It ensures age is over 18, else sends 400 error with message.

  3. Step 3: Confirm proper use of return to stop execution

    Return stops further processing after error response.

  4. Final Answer:

    if (!req.body.age || typeof req.body.age !== 'number' || req.body.age <= 18) { return res.status(400).send('Age must be a number over 18'); } -> Option A

  5. Quick Check:

    Check presence, type, and value with return [OK]
Hint: Check type and value, return on error [OK]
Common Mistakes:
  • Not checking type before comparing
  • Missing return after sending error
  • Sending success message on invalid data