When building applications we try to make sure the data our users are submitting is reliable and useful. Ensuring valid data is sent before saving any changes to the database is called validation. Traditionally, HTML5 provides instant validation trough input: type and required tags. Rails use Active Record Validations to ensure the information in the database is consistent and adds an extra security layer to our deployed projects. While there are a variety of options available within , a couple of quick configurations to validate the most common user input can go a long way. Rails guides In this quick guide, we will validate a table with name, email, and password: fields used when a user’s login feature is required Let’s get started by creating a new Rails App (or open your existing project) with default database configuration. $ rails new rails-sample The next step is to create a sample table with basic required cells for a user’s login. $ rails generate scaffold name:string email:string password:string User don’t forget to create and migrate your database. $ rails db:create $ rails db:migrate you should have this on app/model/user.rb: < ApplicationRecord class User end and your database schema (./bd/schema.rb) should be this. create_table “users”, t.string “name”
t.string “email”
t.string “password”
t.datetime “created_at”, , t.datetime “updated_at”, , force: :cascade do |t| precision: 6 null: false precision: 6 null: false end now we can start adding the essential validations Presence We use the presence whenever we need the input to exist. In this example we need all our fields to be present in order to validate the entry: validator validates , validates , validates , < ApplicationRecord class User :name presence: true :email presence: true :password presence: true end now, let’s use rails console sandbox to be sure our validators are working: $ rails console --sandbox
> user1 = User.create( , )
=> #<User id: nil, name: nil, email: "email1", password: [FILTERED], created_at: nil, updated_at: nil>
> user1.valid?
=> false email: "email1" password: "sample1" we created without any name thus, = false, let's try again user1 valid? > user = User.create( , , )
=> #<User id: 1, name: "user1", email: "email1", password: [FILTERED], created_at: "2020-07-08 17:06:32", updated_at: "2020-07-08 17:06:32">
> user.valid?
=> true name: "user1" email: "email1" password: "sample1" ¡Much better!. Length we use the length validator to a 255 maximum to avoid any database overflowing. validates , , { , }
validates , , { , }
validates , , { , } < ApplicationRecord class User :name presence: true length: minimum: 3 maximum: 25 :email presence: true length: minimum: 10 maximum: 255 :password presence: true length: minimum: 6 maximum: 255 end Regex format for email validation, we use regular expression format like this one: / [ + .]+@[a-z ]+( [a-z ]+)* [a-z]+ /i \A \w \- \d \- \. \d \- \. \z We update our model using this regular expression and format: validator VALID_EMAIL_REGEX = .freeze

validates , , { , }
validates , , { , }
validates , , { , }, { VALID_EMAIL_REGEX } < ApplicationRecord class User /\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i :name presence: true length: minimum: 3 maximum: 25 :password presence: true length: minimum: 6 maximum: 255 :email presence: true length: minimum: 10 maximum: 255 format: with: end Uniqueness We can add a uniqueness validation to avoid any email duplicates disabling case sensitivity: VALID_EMAIL_REGEX = .freeze

validates , , { , }
validates , , { , }
validates , , { , }, { VALID_EMAIL_REGEX }, { } < ApplicationRecord class User /\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i :name presence: true length: minimum: 3 maximum: 25 :password presence: true length: minimum: 6 maximum: 255 :email presence: true length: minimum: 10 maximum: 255 format: with: uniqueness: case_sensitive: false end and finally we run rails console to ensure our validations are in order $ rails console --sandbox

> user = User.create( , , )
=> #<User id: 1, name: "user1", email: "email@email.com", password: [FILTERED], created_at: "2020-07-08 17:26:29", updated_at: "2020-07-08 17:26:29">

> user.valid?
=> true name: "user1" email: "email@email.com" password: "password" this essential validation process will add an extra filter to ensure data liability in any Rails app. you can add as many validations as you see fit, check for the complete documentation. Ruby guides

Mexican Fullstack Nerd

Read My Stories

Too Long; Didn't Read

Get free API security automated scan in minutes

How to Validate User Login Data in Ruby on Rails

Too Long; Didn't Read

@usagi-bonilla

RELATED STORIES