Building Data-Driven Web Apps with Pyramid and SQLAlchemy Transcripts
Chapter: Client and server-side validation
Lecture: Server-side validation
Login or
purchase this course
to watch this video and the rest of the course contents.
0:01
We're also going to use this over here. And this is going to show you another aspect of these view models that is beautiful.
0:10
So notice over here that we're saying all right, some form data has been submitted to us. Right here it's, look at this email
0:18
look at this name, look at this password. Well instead of remembering to do this and on complicated forms with ten pieces
0:25
like this gets really tiresome really quick. We could actually just do like this. Even on the Get because state is going to come in
0:34
but it'll just be missing so we could come over and say self.requestdict.get('email') Or we could just say .email, whichever you feel like.
0:45
That solves those three lines. And then this validation, remember I said really really there should be three lines.
0:51
You're email is required. You didn't enter it? Oh, wait, you entered your email but your name is required.
0:56
You didn't enter it, and so on. Well let's go do that. We only want to compute those sorts of things on the form POST.
1:05
So let's add another validate function here. And when that happens we're going to basically say if not self.email self.error equals?
1:16
You must specify an email address. And you can imagine, same for name, same for password. So over here that is this sort of stuff and remember
1:28
all of these things are already being tracked so watch how much simpler this becomes. vm.validate, and remember this is totally scalable.
1:36
Like this could become way more involved. And it, it means you're more likely to write that extra validation code.
1:44
Because it's not making this method even worse even harder to understand, right? There's, it never gets more complicated than just validate.
1:51
So then you just ask if vm.error if there is some kind of error were just going to return vm.to_dic(). Which includes the error.
2:00
Otherwise, we say vm.email vm.name, vm.password. Done, how sweet is that? So, look how clean this method becomes.
2:12
We create our view model and we ask for validation. And if there's a problem we just let it exchange other data back with potential
2:18
error messages, all sorts of stuff. And, otherwise, we carry on. Now let's do one more thing, let's go to this part here.
2:25
And let's add, say if self.email. Remember we stored this in a simplified form. We'll say email == self.email.strip().lower(). Just to make sure.
2:36
I think we're doing that in the data layer as well but let's make sure the data is already prepared when it comes in.
2:43
And we can come over here and say things like if it's not there we'll just say strip on this as well. We're not going to mess with the password.
2:51
They owant their password to be space, they can have it. Alright, let's make sure we can still register. So over here, we register get, register post.
3:01
Let's see if things are still working. Come over here. Right now we're logged in so let's logout. And let's register as user, user2.
3:13
At u2.com, get my password. Actually, let's first leave some stuff out here. Let's leave out the name and the password.
3:22
You must spec, specify your name. User2 is my name. You must specify password. Alright, that's our password.
3:30
Now this should work and we should be logged in as user2. Ready, bam, there we go. So let's review, we've taken and created
3:41
this RegisterViewModel that has both the ability to load the data and then validate it. We saw our error handling checking
3:49
to make sure the user name was there the actual name was there, the password was there. We didn't check email but it's there.
3:56
And then, once all that stuff happens correctly we just use the values from it. So, what's really beautiful about this is it doesn't
4:04
no matter how much data you exchange, it doesn't get more complicated than this. The view model is in charge of validating the data
4:11
and exchanging the data with the form. You just work with the, the data that's gotten. It's real, real nice. On this one, they can interact with
4:21
the database as it needs to, all sorts of stuff like that. So here, it's going and getting the cookie from the request and then it's actually hitting
4:28
the database to populate the user. If it doesn't find it, we do some hard error handling, we just send them to login.
4:34
Otherwise it passes that onto the view which is why we saw that right there, user2. So these view models are super, super valuable.
4:43
And we'll be using them for the rest of this course. I'm going to go ahead and put view models in place for the remaining methods that you don't see.
4:51
Like on packages and so on, but I'm not not going to walk you through it because, guess what? It's exactly the same as what we've
4:56
been doing in the last two.