Expressframework~10 mins

Validating route params and query in Express - Step-by-Step Execution

Choose your learning style10 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Start learning this pattern below

Jump into concepts and practice - no test required

Recommended

Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong

Concept Flow - Validating route params and query

Request received

↓

Extract route params & query

↓

Validate params & query

↓

Proceed

↓

Handle request logic

↓

Send success response

When a request comes in, Express extracts route parameters and query strings, then checks if they are valid before continuing or sending an error.

Execution Sample

Express

app.get('/user/:id', (req, res) => {
  const id = req.params.id;
  const age = req.query.age;
  if (!/^[0-9]+$/.test(id) || (age && isNaN(Number(age)))) {
    return res.status(400).send('Invalid parameters');
  }
  res.send(`User ${id}, age ${age || 'unknown'}`);
});

This code checks if the route param 'id' is all digits and if the optional query 'age' is a number, sending an error if not.

Execution Table

Step	Action	Route Param 'id'	Query 'age'	Validation Result	Response
1	Request: /user/123?age=25	123	25	id valid, age valid	Proceed
2	Request: /user/abc?age=25	abc	25	id invalid	400 Invalid parameters
3	Request: /user/123?age=twenty	123	twenty	age invalid	400 Invalid parameters
4	Request: /user/456	456	undefined	id valid, age missing but optional	Proceed
5	Request: /user/789?age=30	789	30	id valid, age valid	Proceed
6	Request: /user/12a?age=30	12a	30	id invalid	400 Invalid parameters

💡 Execution stops when validation fails, sending 400 error; otherwise, request proceeds.

Variable Tracker

Variable	Start	After 1	After 2	After 3	After 4	After 5	After 6
id	undefined	123	abc	123	456	789	12a
age	undefined	25	25	twenty	undefined	30	30
validationResult	undefined	valid	invalid	invalid	valid	valid	invalid
response	undefined	proceed	400 error	400 error	proceed	proceed	400 error

Key Moments - 3 Insights

Why does the request with id='abc' fail validation?

Is the 'age' query parameter required for the request to succeed?

What happens if 'age' is present but not a number?

Visual Quiz - 3 Questions

Test your understanding

Look at the execution_table, what is the validation result at step 5?

Aage invalid

Bid invalid

Cid valid, age valid

Did valid, age missing

Concept Snapshot

Express route params and query validation:
- Extract params via req.params and query via req.query
- Use regex or type checks to validate
- If invalid, send 400 error response
- If valid, proceed with request handling
- Optional query params can be checked conditionally

Full Transcript

When Express receives a request, it extracts route parameters and query strings. The code then checks if these values meet expected formats, like digits only for an id or numeric for age. If validation fails, the server responds with a 400 error and stops processing. If validation passes, the server continues to handle the request and sends a success response. This process ensures only valid data is processed, preventing errors or misuse.

Practice

(1/5)

1. What is the main reason to validate route parameters and query strings in an Express app?

easy

A. To automatically generate HTML pages

B. To speed up the server response time

C. To ensure the data is correct and prevent errors or security issues

D. To change the URL structure dynamically

5. You want to validate both a route parameter userId (must be a number) and a query parameter active (must be 'true' or 'false') in Express. Which code snippet correctly validates both and returns 400 errors if invalid?

hard

A. app.get('/user/:userId', (req, res) => { const { userId } = req.params; const { active } = req.query; if (!/^\d+$/.test(userId)) { return res.status(400).send('Invalid userId'); } if (active !== 'true' && active !== 'false') { return res.status(400).send('Invalid active flag'); } res.send(`User ${userId} active: ${active}`); });

B. app.get('/user/:userId', (req, res) => { const userId = Number(req.params.userId); const active = req.query.active === true; if (!userId) { res.status(400).send('Invalid userId'); } if (active !== true && active !== false) { res.status(400).send('Invalid active flag'); } res.send(`User ${userId} active: ${active}`); });

C. app.get('/user/:userId', (req, res) => { const { userId, active } = req.params; if (isNaN(userId)) { return res.status(400).send('Invalid userId'); } if (active !== 'true' || active !== 'false') { return res.status(400).send('Invalid active flag'); } res.send(`User ${userId} active: ${active}`); });

D. app.get('/user/:userId', (req, res) => { const userId = req.params.userId; const active = req.query.active; if (typeof userId !== 'number') { return res.status(400).send('Invalid userId'); } if (active !== 'true' && active !== 'false') { return res.status(400).send('Invalid active flag'); } res.send(`User ${userId} active: ${active}`); });

Validating route params and query in Express - Step-by-Step Execution

Start learning this pattern below

Practice

Solution

Step 1: Understand the role of validation

Step 2: Identify the benefits of validation

Final Answer:

Quick Check:

Solution

Step 1: Recall Express request object properties

Step 2: Match the parameter name

Final Answer:

Quick Check:

Solution

Step 1: Understand the regex validation

Step 2: Check the input against regex

Step 3: Identify the response on failure

Final Answer:

Quick Check:

Solution

Step 1: Analyze the validation logic

Step 2: Check flow after sending response

Step 3: Identify the error caused

Final Answer:

Quick Check:

Solution

Step 1: Validate userId as digits string

Step 2: Validate active query param as 'true' or 'false'

Step 3: Confirm proper returns after errors

Final Answer:

Quick Check: