This workshop will be retired on May 1, 2025.
Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
Let's validate that data we get from our users is valid and set up our API so it returns legible errors.
Note about newer versions
- If you are using the Gradle Boot plugin > 1.3 (Which I am using in this video), you might encounter an issue on startup. To resolve simply add the
@Lazy
annotation to the validator declaration like so:
@Autowired
@Lazy
private Validator validator;
Learn More
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
Everyone needs a little validation, right?
0:00
Here, let me validate you.
0:02
You are doing great with
the Spring Data REST framework.
0:04
It's a lot to take in and
0:07
even though there's very few lines of code
that we have written, there is most likely
0:08
a boatload of new concepts that you've
been absorbing and that, that's a lot.
0:11
But here you are, nine videos deep and
you're still smiling.
0:16
It's weird right?
0:19
Sometimes it's almost more challenging
when the work gets done for you.
0:20
You spend time trying to find out what
the magic is that's happening behind
0:24
the scenes, but sincerely you?
0:28
You're doing great.
0:30
Do you feel validated?
0:30
I hope so because I meant it.
0:33
Okay now, let's ensure that we're
getting the data that we want, and
0:35
sending back clear error messages to
our clients when they misuse our API.
0:38
Let's do this.
0:42
If you watch the course Spring with Irony,
you've definitely seen this
0:44
annotation-based style of
validation that we're ready to do.
0:46
Basically what you do is,
0:50
you mark what a valid value on your
entity looks like by adding a constraint.
0:51
For instance let's open up course here.
0:56
Course and we want to make sure that
all these courses have a title, right?
1:01
So let's go ahead and
we'll add an annotation
1:07
on here that is a validation
constraint not null.
1:13
Yep.
1:18
So what this validation does,
1:22
is mark the entity as being not
valid if the title is null.
1:24
And therefore it won't be able to be saved
to the database when it's attempted.
1:29
But we want this to happen in
the lifecycle events of our application.
1:33
We want this to happen
before an entity is created.
1:37
Or saved, right?
1:40
And let the client know
that they made a mistake.
1:42
In order to do this we need to do a little
bit of configuration and it's not quite as
1:45
simple as we saw with the properties file
but it's still pretty straightforward.
1:48
So there's a handy little adapter
that is included that allows you
1:52
to optionally override some very
specific configuration options.
1:55
So let's do this.
1:59
Let's go into the core class here and
let's create a new class.
1:59
And we're going to call it RestConfig.
2:05
And we're going to make it extend
that adapter I was talking about.
2:07
So we're going to say extends and
the adapter is repository
2:13
RestCofigurerAdapter.
2:20
Okay.
2:25
And so right off the bat let's go
ahead and mark this as configuration.
2:25
[BLANK AUDIO] And
2:31
now, let's go ahead and
override one of the methods.
2:38
So we're going to choose generate and
we're going to override methods.
2:41
Okay, so weβre going to override.
2:45
And the one that we want
to override is this guy.
2:46
Configure validating
repository event listener.
2:50
Jeez.
2:55
Try to say that ten times fast.
2:55
Okay, so this is going to do the super
call to its parent like we saw by default.
2:58
We don't actually need that so
I'm gonna get rid of that line.
3:03
And I'm also going to get some
real estate because look at that.
3:06
Wow.
It doesn't even fit.
3:10
So, it gets passed of validating
repository of that listener.
3:13
And this is what we want to configure
actually, so what we're going to do
3:16
is we are going to get access
to our global validator first.
3:21
So, let's go ahead and
we need to get access to it.
3:25
So, we're going to say validator.
3:29
Validater and
we're going to get that by name and
3:32
again that's going to be auto wired.
3:35
And yes that is
the Spring Framework validator.
3:42
Yep.
3:46
And Auto wired is there.
3:46
There we go.
3:48
So, what we wanted to have happen was
we want, before things are created, so
3:49
this validating listener that is
passed in, is what we can configure.
3:53
And what we're going to add
on that is a validator.
3:58
It's just so happen gonna be the global
validator that we're setting up.
4:00
So we're going to say here,
the event is called beforeCreate.
4:04
We'll take a look at
these here in a second.
4:07
And so that's before creation happens and
we also want to do it for an update.
4:11
So I'm gonna go ahead and
I'm gonna a duplicate that line.
4:15
And this is beforeSave.
4:17
So like I said we'll explore those
events here in a bit but for
4:22
now we should have a working
config that will cause our
4:26
validation to send back clean
error messages on create and save.
4:29
Okay, so lets pop back over.
4:34
I'm gonna go ahead and
restart my server here.
4:36
Let's make sure everything goes You
form an pop over to post man here and
4:43
let's go ahead and
do a new post, two courses and
4:51
we'll set the body left or
last one in there so
4:56
what we'll do is we'll
just not have a title.
5:01
Gotta quit doing the save early,
save often habit.
5:09
All right.
So let's do it.
5:12
Let's submit it.
5:13
So it's raw.
5:14
We got the right header in there.
5:15
It's application json.
5:16
Set courses, and
we're gonna click send, and boom.
5:18
We got back a 400 Bad Request.
5:22
And what I want you to note here is that
this is an array, it's errors and it says
5:25
course and it says title may not be null
and the value that was passed was null.
5:29
How awesome is that,
an automatic error message and
5:34
on top of it of course those
messages can also be configured.
5:38
You can actually do it right there in
the validator, you just put in message and
5:41
whatever you want
the message to be amazing.
5:45
But you know what?
5:48
Thinking like a hacker, what happens
if we just submit an empty string.
5:49
Let's see.
5:53
Let's go back to what
we had posted before.
5:54
And let's go ahead and we're gonna.
5:57
This isn't going to be null.
6:00
Right?
An empty string's not null.
6:01
Did we hack?
6:03
Did we do it?
6:04
We did.
6:06
So we're gonna need another validation,
right.
6:07
Now you can stack validators, right.
6:10
You can just add another one.
6:12
So let's go ahead.
6:13
Let's go back to our course here.
6:14
And we can stack ' right.
6:23
So we want NotNull, and
we also want the size of it let's see.
6:24
We definitely want a minimum size, so
let's, two characters seems fair, right?
6:29
Cuz you could have a course on c or
a course on go, right?
6:36
But I don't know what the length
of how long it should be?
6:39
Why don't I ask my
product owner real quick.
6:42
So let's see.
6:46
Got slack open here.
6:48
And I'll say hey Hannah, how long
should we allow the title field to be?
6:50
And this is very common practice,
right, so I'm gonna be developing and
6:58
ask this question.
7:02
And let's see, hopefully Hannah's online,
look, she's typing.
7:02
So 140 character seems legit for
Twitter follow suit.
7:09
Sounds good I'm going to go ahead and let
her know with a, she send a money sign.
7:13
I give her a thumbs up I guess.
7:20
I collect money mouth face.
7:24
So now that I know that Hannah thinks
140 is fine, I'm just gonna go and
7:27
update things.
7:31
Over here, so max equals 140.
7:32
All right, awesome.
7:35
So let's go ahead and reboot.
7:36
And move off over here.
7:42
Let's look at what we had done before, and
7:46
I'm gonna leave the title there of
nothing still and see what happens.
7:48
And we got a 400 bad requests and it says,
size must be between two and 140 and
7:53
the invalid value was basically dead.
7:58
Awesome, right?
8:00
Out of the box and
it's using existing standards incredible.
8:01
I've got some links in the teacher's
notes about more validators that
8:04
are available out of the box.
8:07
And you can also build your own and
hook and other life cycle events.
8:08
As you can imagine we want to
litter our API with them and
8:11
just make sure that we're getting
the data that our application expects.
8:14
But first let's just keep on moving
through this frameworks amazing offering.
8:18
Now one thing that I wanted to show
off is how we hook up with security
8:22
authentication and all that jazz.
8:25
But before we do that we need
to get some users in place.
8:27
Let's do that,
8:30
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up