Building Data-Driven Web Apps with Pyramid and SQLAlchemy Transcripts
Chapter: Client and server-side validation
Lecture: Server-side validation
Login or
purchase this course
to watch this video and the rest of the course contents.
0:01
We're also going to use this over here.
0:04
And this is going to show you another aspect
0:06
of these view models that is beautiful.
0:09
So notice over here that we're saying
0:11
all right, some form data has been submitted to us.
0:15
Right here it's, look at this email
0:17
look at this name, look at this password.
0:20
Well instead of remembering to do this
0:22
and on complicated forms with ten pieces
0:24
like this gets really tiresome really quick.
0:27
We could actually just do like this.
0:29
Even on the Get because state is going to come in
0:33
but it'll just be missing so we could come over
0:34
and say self.requestdict.get('email')
0:39
Or we could just say .email, whichever you feel like.
0:44
That solves those three lines.
0:46
And then this validation, remember I said really
0:49
really there should be three lines.
0:50
You're email is required. You didn't enter it?
0:53
Oh, wait, you entered your email but your name is required.
0:55
You didn't enter it, and so on. Well let's go do that.
0:58
We only want to compute those sorts
1:01
of things on the form POST.
1:04
So let's add another validate function here.
1:07
And when that happens we're going to basically say
1:10
if not self.email self.error equals?
1:15
You must specify an email address.
1:17
And you can imagine, same for name, same for password.
1:23
So over here that is this sort of stuff and remember
1:27
all of these things are already being tracked
1:29
so watch how much simpler this becomes.
1:32
vm.validate, and remember this is totally scalable.
1:35
Like this could become way more involved.
1:38
And it, it means you're more likely
1:40
to write that extra validation code.
1:43
Because it's not making this method even worse
1:45
even harder to understand, right?
1:47
There's, it never gets more complicated than just validate.
1:50
So then you just ask if vm.error
1:52
if there is some kind of error
1:54
were just going to return vm.to_dic().
1:57
Which includes the error.
1:59
Otherwise, we say vm.email
2:02
vm.name, vm.password.
2:05
Done, how sweet is that?
2:07
So, look how clean this method becomes.
2:11
We create our view model and we ask for validation.
2:13
And if there's a problem we just let it exchange
2:15
other data back with potential
2:17
error messages, all sorts of stuff.
2:19
And, otherwise, we carry on.
2:20
Now let's do one more thing, let's go to this part here.
2:24
And let's add, say if self.email.
2:28
Remember we stored this in a simplified form.
2:30
We'll say email == self.email.strip().lower().
2:34
Just to make sure.
2:35
I think we're doing that in the data layer as well
2:37
but let's make sure the data is
2:38
already prepared when it comes in.
2:42
And we can come over here and say things like
2:44
if it's not there we'll just say strip on this as well.
2:49
We're not going to mess with the password.
2:50
They owant their password to be space, they can have it.
2:54
Alright, let's make sure we can still register.
2:56
So over here, we register get, register post.
3:00
Let's see if things are still working.
3:01
Come over here. Right now we're logged in so let's logout.
3:06
And let's register as user, user2.
3:12
At u2.com, get my password.
3:16
Actually, let's first leave some stuff out here.
3:19
Let's leave out the name and the password.
3:21
You must spec, specify your name.
3:23
User2 is my name.
3:25
You must specify password.
3:28
Alright, that's our password.
3:29
Now this should work and we should be logged in as user2.
3:33
Ready, bam, there we go.
3:38
So let's review, we've taken and created
3:40
this RegisterViewModel that has both the ability
3:44
to load the data and then validate it.
3:46
We saw our error handling checking
3:48
to make sure the user name was there
3:49
the actual name was there, the password was there.
3:52
We didn't check email but it's there.
3:55
And then, once all that stuff happens correctly
3:58
we just use the values from it.
4:00
So, what's really beautiful about this is it doesn't
4:03
no matter how much data you exchange, it doesn't
4:06
get more complicated than this.
4:08
The view model is in charge of validating the data
4:10
and exchanging the data with the form.
4:13
You just work with the, the data that's gotten.
4:16
It's real, real nice.
4:18
On this one, they can interact with
4:20
the database as it needs to, all sorts of stuff like that.
4:23
So here, it's going and getting the cookie from the request
4:26
and then it's actually hitting
4:27
the database to populate the user.
4:29
If it doesn't find it, we do some hard
4:31
error handling, we just send them to login.
4:33
Otherwise it passes that onto the view
4:35
which is why we saw that right there, user2.
4:39
So these view models are super, super valuable.
4:42
And we'll be using them for the rest of this course.
4:44
I'm going to go ahead and put view models in place for
4:47
the remaining methods that you don't see.
4:50
Like on packages and so on, but I'm not not going to
4:52
walk you through it because, guess what?
4:54
It's exactly the same as what we've
4:55
been doing in the last two.