What if we define validations rules in the routing configuration 😱
💡 In this article, I’ll show how you can add validation on a Request content. (ℹ️ ️It’s more about a way to learn more about Request and event listener than a best practice)
A common use case when you create a route is to validate the Request content, suppose you expose an API that creates a User, you want to be sure that the name is not null, the email is valid and other stuff like this... There are many possibilities to do this, I’ll show another one 😉.
🍉 The idea is simple, the Symfony Routing allows us to specify extra information that will be then accessible from the famous Request object. We will use this possibility to pass our validation rules, then we will create a Listener that listens to the event Kernel.request
and inside this listener, we will validate the request content with our validation rules 🔥
1- Create the Controller ⚒️
Suppose we expose an API that creates a user and we want to validate that the name is not blank and the email is a valid email.
We have to create a Route and inside the configuration, we add a custom array _validator
inside the defaults
option. We match each property with a Symfony constraint, in my example, I just have one constraint per property and I don’t add validator options like message… Feel free to change this to fit your needs. Then in the action if we get errors from the request attributes and if we have errors we format them to return a readable response.
🎁 (Bonus) I need an endpoint to list my users and I want to validate that the limit parameter is Positive.
Same stuff, I create my controller, add an extra parameter and match the property to validate with a constraint.
2- Create the Listener 🗜️
Our job is to listen to the kernel.request event, it allows us to get the Request content and the extra attributes before executing the logic inside a controller.
In the listener, we will create a collection of constraints and we will validate the submitted payload or the query string, it depends on the HTTP
Method. Then we set the errors in the Request attributes to get them from the controller. 👌
3- Try it 😚
I make a POST
request with a name = null
and a wrong email. I add a dump
to output the errors:
$errors = $request->attributes->get('_errors');
dd($errors);
🎉As you can see, the validator did the job and validate the payload, now let’s try with a GET
method. I make a GET
with limit=-42
Same thing ✨, the validator did the job too.