1

I am a newbie in ASP.NET MVC, and something made me confused. I am creating a login/registration web-app, and when I came to confirm password, I was a bit confused. I surely don't want confirm password column in my database. So for that reason, I use ViewModel. And I use data annotations for validation in my ViewModel. So there is no need to write any validation code in my Domain Model.

But when Entity Framework creates a table from my Domain Model object, from where will it get information for example about how many characters should username take? If I used data annotations in my domain model, I would write MaxLength or something.

Should I validate data in domain model too?

bazera
  • 119
  • 1
  • 1
  • 9

1 Answers1

1

You client side validation can be taken care of using Data Annotations on your View Model and include jQuery validation script in your View.

So in your View Model, you can set minimum password length restriction like this:

using System.ComponentModel.DataAnnotations;

public class RegisterViewModel
{
    [Required]
    [EmailAddress]
    [Display(Name = "Email")]
    public string Email { get; set; }

    [Required]
    [StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
    [DataType(DataType.Password)]
    [Display(Name = "Password")]
    public string Password { get; set; }

    [DataType(DataType.Password)]
    [Display(Name = "Confirm password")]
    [System.ComponentModel.DataAnnotations.Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
    public string ConfirmPassword { get; set; }
}

Of course, this is only for client side validation, for server side validation, you have to validate the data in your controller, but i don't believe you have to use data annotation on your domain model.

So in your controller, you can validate the data passed through like this

[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterViewModel model)
{
    //checks for data passed through, if somehow people bypasses client side validation
    if (ModelState.IsValid)
    {
        //continue
    } 
    //validation failed, return to view
    return View(model);
}

ModelState.IsValid indicates if it was possible to bind the incoming values from the request to the model correctly and whether any explicitly specified validation rules were broken during the model binding process. ---- what does this do : ModelState.IsValid

Community
  • 1
  • 1
Mindless
  • 2,352
  • 3
  • 27
  • 51
  • And how does my database tables get information about what restrictions must the data object have? For example, if I don't type Required above for example Username in my domain model, how will my database understand that the username field in my table must not be nullable? – bazera Dec 12 '16 at 08:32
  • @bazera Strings are reference types, so are already "nullable". Only value types (such as int) can be nullable as they can't otherwise be null. You can set other types as nullable by doing public int? MyInt etc...So you have to check if the username is null in your controller before saving it to your database. If you set [Required] on the Username in your viewmodel, ModelState.IsValid will check server side if the Username passed is null. And you can also check it yourself again before saving the user. – Mindless Dec 12 '16 at 23:24
  • @bazera Identity 2 already does it for you: var result = await userManager.CreateAsync(user, model.Password); if your user doesn't have a Username, it will through an error in the "result". and you can check if (result.Succeeded) { continue } else { throw error } – Mindless Dec 12 '16 at 23:25