1. Problem Statement

A Day at “BrightFuture University” Admissions

BrightFuture University’s admissions office is flooded with thousands of online applications every year.

  • Some students submit forms with missing grades or essays.

  • Others accidentally enter their birthdate as “202” or upload a selfie instead of a transcript.

  • Occasionally, a student’s application is processed even though their contact info is incomplete, making it impossible to send them an offer letter.

  • Sometimes, students are rejected for “missing documents” when they actually uploaded everything, but the system failed to check properly.

The challenge:
How do you ensure that every application is complete, accurate, and checked for mistakes before it’s processed-so no deserving student is lost, and no time is wasted on incomplete forms?

2. Learning Objectives

By the end of this lesson, you’ll be able to:

  • Understand the importance of request validation for data quality and fairness.

  • Use express-validator or class-validator to enforce rules on incoming data.

  • Provide clear, actionable feedback to users when their input is invalid.

  • Prevent downstream errors and confusion by catching mistakes early.

3. Concept Introduction with Analogy

Analogy: The University Admissions Desk

Imagine a real admissions desk:

  • Every application is checked by a staff member before it goes to the review committee.

  • If a transcript is missing, the staff immediately asks the student to provide it-no application moves forward until all requirements are met.

  • If a student writes their name in the “essay” field, the staff gently points out the mistake and helps them fix it.

  • Only complete, correct applications reach the decision-makers, ensuring a fair and efficient process.

Request validation in software is like this admissions desk: it ensures that every submission is checked for completeness and correctness before it enters the system.

A. Why Validate Requests?

  • Garbage In, Garbage Out: If you accept bad data, your system will produce bad results.

  • User Experience: Clear feedback helps users fix mistakes quickly.

  • Security: Prevents malicious or malformed data from causing issues.

  • Efficiency: Saves time by catching errors before they reach deeper parts of the system.

B. Validation with express-validator (Declarative, Middleware-Based)

  • Middleware approach: validation runs before your main logic.

  • Each rule checks a specific field and fails fast if something’s wrong.

C. Validation with class-validator (Decorator-Based, TypeScript/OOP Friendly)

  • Uses decorators on classes to define rules.

  • Great for projects using TypeScript and classes.

5. Step-by-Step Data Modeling & Code Walkthrough

Let’s walk through how “BrightFuture University” ensures every application is perfect before it’s reviewed:

A. Designing the Application Data Structure

Picture the chaos if applications were still paper forms: some missing essays, some with unreadable birthdates, and some with no contact info.
To fix this, the university creates a clear digital structure for every application-so nothing is forgotten, and every reviewer knows exactly what to expect.

 interface Application {
  name: string;
  email: string;
  birthdate: string;
  grades: number[];
  essay: string;
  recommendationLetter: string; // URL to a file
}

Explanation:

  • Every application must have a name, email, birthdate, grades, essay, and a link to a recommendation letter.

  • By making these fields required, the system ensures no application is missing crucial details.

B. Setting Up Validation Rules

Imagine the admissions staff with a checklist for every application:

  • Is the name filled in?

  • Is the email valid?

  • Is the birthdate a real date?

  • Are there grades for at least one subject?

  • Is the essay long enough?

  • Is the recommendation letter a real link?

We translate this checklist into code using express-validator:

 import { body, validationResult } from "express-validator";

const applicationValidation = [
  body("name")
    .isString()
    .notEmpty()
    .withMessage("Name is required"),
  body("email")
    .isEmail()
    .withMessage("Valid email is required"),
  body("birthdate")
    .isISO8601()
    .withMessage("Birthdate must be a valid date (YYYY-MM-DD)"),
  body("grades")
    .isArray({ min: 1 })
    .withMessage("At least one grade is required"),
  body("grades.*")
    .isNumeric()
    .withMessage("All grades must be numbers"),
  body("essay")
    .isLength({ min: 100 })
    .withMessage("Essay must be at least 100 characters"),
  body("recommendationLetter")
    .isURL()
    .withMessage("A valid recommendation letter link is required"),
];

  ```typescript

**Explanation:**

-   Each rule matches a real admissions requirement.
    
-   If any rule fails, the application is rejected with a specific message.
    

**C. Implementing the Route Handler**


Just like a staff member checking each application, our route handler reviews the checklist and gives instant feedback if anything is missing or wrong.

 ```typescript
 app.post("/apply", applicationValidation, (req, res) => {
  const errors = validationResult(req);
  if (!errors.isEmpty()) {
    // Return all validation errors
    return res.status(400).json({ errors: errors.array() });
  }
  // If we reach here, the application is valid!
  res.json({ status: "Application received!" });
});

Explanation:

  • validationResult(req) collects any problems found by the validation rules.

  • If there are errors, the applicant gets a full list of what to fix-no more guessing.

  • Only applications that pass every check are accepted for review.

D. How This Solves the University’s Problems

  • No more missing essays or grades: The system blocks incomplete applications.

  • No more invalid emails or birthdates: Only real, usable contact info is accepted.

  • No more lost students: Every valid applicant gets a fair chance, and no one is rejected due to a system oversight.

  • Clear, actionable feedback: Students know exactly what to fix, reducing frustration and support requests.

E. Visualizing the Validation Flow

text

[Student submits application] ↓ [Validation Middleware: Checks every field] ↓ [If errors: Respond with all problems] ↓ [If valid: Application accepted for review]

Example error response:


{
  "errors": [
    { "msg": "Valid email is required", "param": "email" },
    { "msg": "Essay must be at least 100 characters", "param": "essay" }
  ]
}

6. Interactive Challenge / Mini-Project

Your Turn!

  • Add a validation rule that requires a “portfolioLink” field to be a valid URL (for art applicants).

  • If missing or invalid, return an error message: “A valid portfolio link is required for art applicants.”

7. Common Pitfalls & Best Practices

Pitfall Best Practice
Only checking some fields Validate every required field
Returning generic errors Give specific, actionable feedback
Validating after business logic Always validate first
Not handling arrays or nested data Use grades.* or nested DTOs
Ignoring validation errors Always check and return errors

8. Quick Recap & Key Takeaways

  • Request validation is your first line of defense for data quality.

  • Use express-validator or class-validator to enforce rules.

  • Always validate before processing.

  • Give users clear feedback so they can fix mistakes.

  • A well-validated system is fairer, safer, and more efficient.

9. Optional: Programmer’s Workflow Checklist

  • Define all required fields and their types.

  • Use validation middleware before any business logic.

  • Return all validation errors in a friendly format.

  • Test with missing, invalid, and edge-case data.

  • Document validation rules for users and staff.

10. Coming up next

* Learn how to combine validation with authentication and authorization, so only the right people can submit or review applications!