Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Build a REST API in Spring

Preview

Start a free Courses trial
to watch this video

Sign up for Treehouse

Validation

8:31 with Craig Dennis

Let's validate that data we get from our users is valid and set up our API so it returns legible errors.

Note about newer versions

  • If you are using the Gradle Boot plugin > 1.3 (Which I am using in this video), you might encounter an issue on startup. To resolve simply add the @Lazy annotation to the validator declaration like so:
@Autowired
@Lazy
private Validator validator;

Learn More

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    Everyone needs a little validation, right? 0:00
    Here, let me validate you. 0:02
    You are doing great with the Spring Data REST framework. 0:04
    It's a lot to take in and 0:07
    even though there's very few lines of code that we have written, there is most likely 0:08
    a boatload of new concepts that you've been absorbing and that, that's a lot. 0:11
    But here you are, nine videos deep and you're still smiling. 0:16
    It's weird right? 0:19
    Sometimes it's almost more challenging when the work gets done for you. 0:20
    You spend time trying to find out what the magic is that's happening behind 0:24
    the scenes, but sincerely you? 0:28
    You're doing great. 0:30
    Do you feel validated? 0:30
    I hope so because I meant it. 0:33
    Okay now, let's ensure that we're getting the data that we want, and 0:35
    sending back clear error messages to our clients when they misuse our API. 0:38
    Let's do this. 0:42
    If you watch the course Spring with Irony, you've definitely seen this 0:44
    annotation-based style of validation that we're ready to do. 0:46
    Basically what you do is, 0:50
    you mark what a valid value on your entity looks like by adding a constraint. 0:51
    For instance let's open up course here. 0:56
    Course and we want to make sure that all these courses have a title, right? 1:01
    So let's go ahead and we'll add an annotation 1:07
    on here that is a validation constraint not null. 1:13
    Yep. 1:18
    So what this validation does, 1:22
    is mark the entity as being not valid if the title is null. 1:24
    And therefore it won't be able to be saved to the database when it's attempted. 1:29
    But we want this to happen in the lifecycle events of our application. 1:33
    We want this to happen before an entity is created. 1:37
    Or saved, right? 1:40
    And let the client know that they made a mistake. 1:42
    In order to do this we need to do a little bit of configuration and it's not quite as 1:45
    simple as we saw with the properties file but it's still pretty straightforward. 1:48
    So there's a handy little adapter that is included that allows you 1:52
    to optionally override some very specific configuration options. 1:55
    So let's do this. 1:59
    Let's go into the core class here and let's create a new class. 1:59
    And we're going to call it RestConfig. 2:05
    And we're going to make it extend that adapter I was talking about. 2:07
    So we're going to say extends and the adapter is repository 2:13
    RestCofigurerAdapter. 2:20
    Okay. 2:25
    And so right off the bat let's go ahead and mark this as configuration. 2:25
    [BLANK AUDIO] And 2:31
    now, let's go ahead and override one of the methods. 2:38
    So we're going to choose generate and we're going to override methods. 2:41
    Okay, so we’re going to override. 2:45
    And the one that we want to override is this guy. 2:46
    Configure validating repository event listener. 2:50
    Jeez. 2:55
    Try to say that ten times fast. 2:55
    Okay, so this is going to do the super call to its parent like we saw by default. 2:58
    We don't actually need that so I'm gonna get rid of that line. 3:03
    And I'm also going to get some real estate because look at that. 3:06
    Wow. It doesn't even fit. 3:10
    So, it gets passed of validating repository of that listener. 3:13
    And this is what we want to configure actually, so what we're going to do 3:16
    is we are going to get access to our global validator first. 3:21
    So, let's go ahead and we need to get access to it. 3:25
    So, we're going to say validator. 3:29
    Validater and we're going to get that by name and 3:32
    again that's going to be auto wired. 3:35
    And yes that is the Spring Framework validator. 3:42
    Yep. 3:46
    And Auto wired is there. 3:46
    There we go. 3:48
    So, what we wanted to have happen was we want, before things are created, so 3:49
    this validating listener that is passed in, is what we can configure. 3:53
    And what we're going to add on that is a validator. 3:58
    It's just so happen gonna be the global validator that we're setting up. 4:00
    So we're going to say here, the event is called beforeCreate. 4:04
    We'll take a look at these here in a second. 4:07
    And so that's before creation happens and we also want to do it for an update. 4:11
    So I'm gonna go ahead and I'm gonna a duplicate that line. 4:15
    And this is beforeSave. 4:17
    So like I said we'll explore those events here in a bit but for 4:22
    now we should have a working config that will cause our 4:26
    validation to send back clean error messages on create and save. 4:29
    Okay, so lets pop back over. 4:34
    I'm gonna go ahead and restart my server here. 4:36
    Let's make sure everything goes You form an pop over to post man here and 4:43
    let's go ahead and do a new post, two courses and 4:51
    we'll set the body left or last one in there so 4:56
    what we'll do is we'll just not have a title. 5:01
    Gotta quit doing the save early, save often habit. 5:09
    All right. So let's do it. 5:12
    Let's submit it. 5:13
    So it's raw. 5:14
    We got the right header in there. 5:15
    It's application json. 5:16
    Set courses, and we're gonna click send, and boom. 5:18
    We got back a 400 Bad Request. 5:22
    And what I want you to note here is that this is an array, it's errors and it says 5:25
    course and it says title may not be null and the value that was passed was null. 5:29
    How awesome is that, an automatic error message and 5:34
    on top of it of course those messages can also be configured. 5:38
    You can actually do it right there in the validator, you just put in message and 5:41
    whatever you want the message to be amazing. 5:45
    But you know what? 5:48
    Thinking like a hacker, what happens if we just submit an empty string. 5:49
    Let's see. 5:53
    Let's go back to what we had posted before. 5:54
    And let's go ahead and we're gonna. 5:57
    This isn't going to be null. 6:00
    Right? An empty string's not null. 6:01
    Did we hack? 6:03
    Did we do it? 6:04
    We did. 6:06
    So we're gonna need another validation, right. 6:07
    Now you can stack validators, right. 6:10
    You can just add another one. 6:12
    So let's go ahead. 6:13
    Let's go back to our course here. 6:14
    And we can stack ' right. 6:23
    So we want NotNull, and we also want the size of it let's see. 6:24
    We definitely want a minimum size, so let's, two characters seems fair, right? 6:29
    Cuz you could have a course on c or a course on go, right? 6:36
    But I don't know what the length of how long it should be? 6:39
    Why don't I ask my product owner real quick. 6:42
    So let's see. 6:46
    Got slack open here. 6:48
    And I'll say hey Hannah, how long should we allow the title field to be? 6:50
    And this is very common practice, right, so I'm gonna be developing and 6:58
    ask this question. 7:02
    And let's see, hopefully Hannah's online, look, she's typing. 7:02
    So 140 character seems legit for Twitter follow suit. 7:09
    Sounds good I'm going to go ahead and let her know with a, she send a money sign. 7:13
    I give her a thumbs up I guess. 7:20
    I collect money mouth face. 7:24
    So now that I know that Hannah thinks 140 is fine, I'm just gonna go and 7:27
    update things. 7:31
    Over here, so max equals 140. 7:32
    All right, awesome. 7:35
    So let's go ahead and reboot. 7:36
    And move off over here. 7:42
    Let's look at what we had done before, and 7:46
    I'm gonna leave the title there of nothing still and see what happens. 7:48
    And we got a 400 bad requests and it says, size must be between two and 140 and 7:53
    the invalid value was basically dead. 7:58
    Awesome, right? 8:00
    Out of the box and it's using existing standards incredible. 8:01
    I've got some links in the teacher's notes about more validators that 8:04
    are available out of the box. 8:07
    And you can also build your own and hook and other life cycle events. 8:08
    As you can imagine we want to litter our API with them and 8:11
    just make sure that we're getting the data that our application expects. 8:14
    But first let's just keep on moving through this frameworks amazing offering. 8:18
    Now one thing that I wanted to show off is how we hook up with security 8:22
    authentication and all that jazz. 8:25
    But before we do that we need to get some users in place. 8:27
    Let's do that, 8:30

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up