Skip to content

Latest commit

 

History

History
84 lines (53 loc) · 1.81 KB

validation.md

File metadata and controls

84 lines (53 loc) · 1.81 KB
Raw

Validation

  • enforce business logic
  • preserve data integrity
  • avert malicious inputs

Directives

Ex: graphql-constraint-directive (featured in Apollo Blog)

Pros

  • GraphQL centric and versatile

Cons

  • Does not allow for @constraint on query args
  • No compat with apollo-server v2, quirks in v1

Resolvers

Ex: validating args.id for an ObjectID

Pros

  • Simple and intuitive

Cons

  • Too repetitive, not DRY
  • Clutters up, doesn't scale

Utils

Ex: pure funcs using validator.js

Pros

  • Simple enough, composable, can scale

Cons

  • Reinventing the wheel
  • Code to maintain

ODM/ORM

Ex: built-in validators in Mongoose

Pros

  • Common checks
  • Extensible
    • define custom validation logic
    • customize error messages

Cons

  • Too many gotchas, e.g.
    • unique is not a validator, but a unique index
    • update* validators are off by default
    • many pre/post hooks don't fire for update*
  • Hard to validate a subset of fields
    • e.g. findById then save will validate all fields
  • Models grow out of size

Object Schema

Ex:

Pros

  • Very expressive & readable
  • DRY, doesn't clutter up
  • Extensible & customizable
    • custom validators, plugins, messages

Cons

  • Cryptic error messages (though customizable)