Where to validate Mongoose Schema - Frontend or Backend?
I'm building a simple app with a login form and currently working on the backend.
While creating the Mongoose schema to store user data, should I add validations like required, minLength, lowercase, match (for regex), etc., directly in the schema?
Also, should I add similar validations in the frontend form as well — or is backend validation enough?
Just want to understand what’s the best practice here: frontend, backend, or both?
3 Replies
Validate on frontend for ux quality. Validate on the backend for actual validation and sanitization etc stuff because client can't be trusted
Ok
About validating directly in schema. I'm not sure about this because I don't work with mongoose enough to know how it does it's stuff (does it send a request even if schema fails validation?) and whether it has some decent validation built in or not
So someone else needs to pitch in for that
Personally I would do both because schema validation would be useful for seeding scripts and validating in middleware/route itself allows me to throw better validation errors than relying on errors thrown by mongoose schema and deciphering them but i can be wrong