What is Request validation in Flask?

Flaskframework~5 mins

Request validation in Flask

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Introduction

Request validation helps check if the data sent to your Flask app is correct and safe before using it.

When a user submits a form and you want to make sure all required fields are filled.

When your app receives JSON data and you want to confirm it has the right keys and types.

When you want to prevent bad or harmful data from causing errors or security issues.

When you want to give clear error messages if the input is wrong.

When you want to keep your app stable by only accepting expected data.

Syntax

Flask

from flask import request

# Access data
value = request.form.get('field_name')

# Simple manual validation example
if not value:
    return 'Missing field_name', 400

Flask's request object holds all incoming data.

You can check data manually or use libraries like marshmallow or pydantic for easier validation.

Examples

Checks if the 'name' field is sent in a form. If missing, returns an error.

Flask

from flask import request

@app.route('/submit', methods=['POST'])
def submit():
    name = request.form.get('name')
    if not name:
        return 'Name is required', 400
    return f'Hello, {name}!'

Validates JSON input to ensure it contains an 'age' key.

Flask

from flask import request, jsonify

@app.route('/json', methods=['POST'])
def json_route():
    data = request.get_json()
    if not data or 'age' not in data:
        return jsonify({'error': 'Age is required'}), 400
    return jsonify({'age': data['age']})

Uses marshmallow to validate JSON data with required fields and email format.

Flask

from flask import request
from marshmallow import Schema, fields, ValidationError

class UserSchema(Schema):
    username = fields.Str(required=True)
    email = fields.Email(required=True)

@app.route('/user', methods=['POST'])
def user():
    json_data = request.get_json()
    try:
        data = UserSchema().load(json_data)
    except ValidationError as err:
        return err.messages, 400
    return f"User {data['username']} with email {data['email']} created"

Sample Program

This Flask app has a /login route that expects JSON with 'username' and 'password'. It uses marshmallow to check the data. If data is missing or wrong, it sends back errors. If all is good, it welcomes the user.

Flask

from flask import Flask, request, jsonify
from marshmallow import Schema, fields, ValidationError

app = Flask(__name__)

class LoginSchema(Schema):
    username = fields.Str(required=True)
    password = fields.Str(required=True)

@app.route('/login', methods=['POST'])
def login():
    json_data = request.get_json()
    if not json_data:
        return jsonify({'error': 'No input data provided'}), 400
    try:
        data = LoginSchema().load(json_data)
    except ValidationError as err:
        return jsonify(err.messages), 400
    return jsonify({'message': f"Welcome, {data['username']}!"})

if __name__ == '__main__':
    app.run(debug=True)

OutputSuccess

Important Notes

Always check if request.get_json() returns data before validating.

Using validation libraries helps avoid repetitive manual checks and gives clear error messages.

Return HTTP status code 400 for bad input to inform clients properly.

Summary

Request validation checks incoming data to keep your app safe and working well.

You can validate form data or JSON using simple checks or libraries like marshmallow.

Good validation improves user experience by giving clear errors and prevents bugs.