0
0
Expressframework~10 mins

Validating route params and query in Express - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Concept Flow - Validating route params and query
Request received
Extract route params & query
Validate params & query
Proceed
Handle request logic
Send success response
When a request comes in, Express extracts route parameters and query strings, then checks if they are valid before continuing or sending an error.
Execution Sample
Express
app.get('/user/:id', (req, res) => {
  const id = req.params.id;
  const age = req.query.age;
  if (!/^[0-9]+$/.test(id) || (age && isNaN(Number(age)))) {
    return res.status(400).send('Invalid parameters');
  }
  res.send(`User ${id}, age ${age || 'unknown'}`);
});
This code checks if the route param 'id' is all digits and if the optional query 'age' is a number, sending an error if not.
Execution Table
StepActionRoute Param 'id'Query 'age'Validation ResultResponse
1Request: /user/123?age=2512325id valid, age validProceed
2Request: /user/abc?age=25abc25id invalid400 Invalid parameters
3Request: /user/123?age=twenty123twentyage invalid400 Invalid parameters
4Request: /user/456456undefinedid valid, age missing but optionalProceed
5Request: /user/789?age=3078930id valid, age validProceed
6Request: /user/12a?age=3012a30id invalid400 Invalid parameters
💡 Execution stops when validation fails, sending 400 error; otherwise, request proceeds.
Variable Tracker
VariableStartAfter 1After 2After 3After 4After 5After 6
idundefined123abc12345678912a
ageundefined2525twentyundefined3030
validationResultundefinedvalidinvalidinvalidvalidvalidinvalid
responseundefinedproceed400 error400 errorproceedproceed400 error
Key Moments - 3 Insights
Why does the request with id='abc' fail validation?
Because the id param must be digits only, as shown in execution_table row 2 where 'abc' fails the regex test.
Is the 'age' query parameter required for the request to succeed?
No, 'age' is optional. In row 4, age is missing but validation passes because only id is required and valid.
What happens if 'age' is present but not a number?
Validation fails and a 400 error is sent, as in row 3 where age='twenty' is invalid.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what is the validation result at step 5?
Aage invalid
Bid invalid
Cid valid, age valid
Did valid, age missing
💡 Hint
Check the 'Validation Result' column at row 5 in the execution_table.
At which step does the condition fail because 'id' contains letters?
AStep 2
BStep 1
CStep 4
DStep 5
💡 Hint
Look for 'id invalid' in the 'Validation Result' column in execution_table.
If the regex for 'id' was changed to allow letters, how would step 6 change?
AValidation would still fail due to id
BValidation would pass and response would proceed
CValidation would fail due to age
DNo change, still 400 error
💡 Hint
Refer to variable_tracker for 'id' and 'validationResult' at step 6 and consider regex effect.
Concept Snapshot
Express route params and query validation:
- Extract params via req.params and query via req.query
- Use regex or type checks to validate
- If invalid, send 400 error response
- If valid, proceed with request handling
- Optional query params can be checked conditionally
Full Transcript
When Express receives a request, it extracts route parameters and query strings. The code then checks if these values meet expected formats, like digits only for an id or numeric for age. If validation fails, the server responds with a 400 error and stops processing. If validation passes, the server continues to handle the request and sends a success response. This process ensures only valid data is processed, preventing errors or misuse.