How to Use Form Request in Laravel for Validation
In Laravel, use
Form Request classes to handle validation by creating a custom request with php artisan make:request, defining rules in it, and type-hinting it in your controller method. This keeps validation logic clean and reusable outside controllers.Syntax
To use a form request in Laravel, first create a request class, define validation rules inside it, then inject it into your controller method to automatically validate incoming data.
php artisan make:request StoreUserRequest: creates the form request class.- Define rules in the
rules()method inside the request class. - Type-hint the request class in your controller method to trigger validation.
php
php artisan make:request StoreUserRequest // In app/Http/Requests/StoreUserRequest.php public function rules() { return [ 'name' => 'required|string|max:255', 'email' => 'required|email|unique:users,email', 'password' => 'required|string|min:8|confirmed', ]; } // In Controller public function store(StoreUserRequest $request) { // Validated data is available via $request->validated() $data = $request->validated(); // Proceed to create user or other logic }
Example
This example shows creating a form request to validate user registration data and using it in a controller to ensure clean validation.
php
<?php namespace App\Http\Requests; use Illuminate\Foundation\Http\FormRequest; class StoreUserRequest extends FormRequest { public function authorize() { return true; // Allow all users to make this request } public function rules() { return [ 'name' => 'required|string|max:255', 'email' => 'required|email|unique:users,email', 'password' => 'required|string|min:8|confirmed', ]; } } // Controller namespace App\Http\Controllers; use App\Http\Requests\StoreUserRequest; use App\Models\User; class UserController extends Controller { public function store(StoreUserRequest $request) { $data = $request->validated(); $user = User::create([ 'name' => $data['name'], 'email' => $data['email'], 'password' => bcrypt($data['password']), ]); return response()->json(['message' => 'User created successfully', 'user' => $user], 201); } }
Output
{"message":"User created successfully","user":{"id":1,"name":"John Doe","email":"john@example.com"}}
Common Pitfalls
Common mistakes when using form requests include:
- Not returning
truein theauthorize()method, which blocks all requests. - Forgetting to type-hint the form request in the controller, so validation does not run.
- Not handling validation errors properly, which Laravel does automatically by redirecting or returning JSON errors.
- Using validation rules incorrectly or missing the
confirmedrule for password confirmation.
php
<?php // Wrong: authorize returns false, blocking request public function authorize() { return false; } // Right: authorize returns true to allow validation public function authorize() { return true; } // Wrong: Controller method without form request type-hint public function store(Request $request) { // Validation won't run automatically } // Right: Controller method with form request type-hint public function store(StoreUserRequest $request) { // Validation runs automatically }
Quick Reference
| Step | Description |
|---|---|
| Create Form Request | Run php artisan make:request RequestName to generate a request class. |
| Define Rules | Add validation rules inside the rules() method. |
| Authorize Request | Return true in authorize() to allow the request. |
| Use in Controller | Type-hint the form request in controller methods to trigger validation. |
| Access Validated Data | Use $request->validated() to get validated input. |
Key Takeaways
Create a form request class with artisan to separate validation logic from controllers.
Always return true in the authorize() method to allow the request to proceed.
Type-hint the form request in your controller method to trigger automatic validation.
Use the validated() method on the form request to safely access validated input.
Form requests improve code clarity and reuse by centralizing validation rules.