Computer scienceBackendDjangoForms

Validation

Provided by: JetBrains Academy
6 minutes read

Web applications often rely on user input to provide functionality, whether it's through submitting forms, uploading files, or interacting with other parts of the interface. However, it's important to ensure that the data provided by users is valid and meets the application's requirements, in order to prevent errors and maintain data integrity.

Validation is the process of checking user input to ensure that it meets certain criteria or constraints, such as whether it's the correct data type, within a certain range of values, or matches a specific format.

Validation on the client side

Let's return to our hypergift service. To restrict the user's input, we use types in the form's fields. A form should be strict to catch typos and help the user put in data correctly. Also, the limitations will control for other little accidents: for example, it's highly unlikely that the user has a 10000-symbol long address name, so probably some keyboard keys got stuck.

The field author has a minimum length of three symbols by definition: no less than one character for the first name and two for the last name. What happens if a user tries to send two or fewer symbols?

Form with a client-side validation

The user sees a warning that the field should contain at least three characters. This check is done by the browser on a local computer as we haven't sent any data to the server yet. Let's look at the HTML syntax of an element more closely:

<td><input type="text" name="author" minlength="3" required id="id_author"></td>

The <input> element has a minlength attribute with the value "3" and an attribute required. It means that this field is mandatory and its length should be no less than 3 characters.

Another attribute related to the input length is maxlength. It sets the upper limit for the input length.

One more field worth double-checking is the email: if it does not contain "@" and ".", it's definitely not right. As for more complex checks, that should happen on the server side.

Validation on the server side

The browser is not almighty and cannot save the developers from bad input all the time. When an HTML element lacks attributes that specify the behavior, it's Django's turn to save the day.

There are no hints on the page as to which date format should be used. Any non-empty string will be valid, and you can see that in the HTML form:

<td><input type="text" name="date_of_delivery" required id="id_date_of_delivery"></td>

However, the field date_of_delivery has predefined input_formats that Django expects from an input. We can access sent data with the POST attribute of request in our handler and initialize an instance of PostcardForm with it:

postcard_form = PostcardForm(request.POST)
if postcard_form.is_valid():
    data = postcard_form.cleaned_data  # data is a regular dictionary
    ...

Magic happens when you call the is_valid method: all fields will be validated. After that, all valid fields will be accessed as a dictionary with cleaned_data property. If an input is correct, you can keep working with it. But how would the user know about a mistake in the input? The answer is: Django can signal about each one.

Errors rendering

You've already seen how useful messages are when it comes to properly filling the data. Now let's see how Django shows validation errors to the users. To make it work, pass the form initialized with request.POST to the context dictionary.

Assume that the user provides "2025-01-01" as a desired date of delivery:

Form with a server-side validation

Although they send the data, the server responds that the format is invalid. As you see, the default message is not very eloquent, so it's better to define a custom message:

postcard_form = PostcardForm(request.POST)
if postcard_form.is_valid():
    ...
elif 'date_of_delivery' not in postcard_form.cleaned_data:
    postcard_form.add_error('date_of_delivery', 'Use YYYY/MM/DD format')

If you don't have date_of_delivery in the validated data, we add a custom error message that suggests a hint:

Validation with custom error

Now the user knows what went wrong. Looks like you managed to ease the communication with the service. There's plenty of work left to do, but once you have learned how to use forms, the sky's the limit.

Custom errors for forms in Django can be useful in many other situations. Validating complex data: if you're dealing with complex data, like multi-step forms or forms with many input fields, custom errors can help you validate each input field and provide specific feedback to users if an error occurs. Customizing user experience: custom form errors can be used to improve the user experience by highlighting specific input fields that require attention or providing guidance on how to complete the form correctly.

Conclusion

Validation is an important part of web development, as it helps ensure that the data submitted by users is accurate and appropriate for the application's requirements. In Django, validation is handled by the framework's forms module, which provides a variety of built-in validators for common use cases. This can be done both on the client side and on the server side. This allows developers to easily implement robust validation logic that helps prevent errors and maintain data integrity.

3 learners liked this piece of theory. 1 didn't like it. What about you?
Report a typo