When using Flask to implement a RESTful interface, request parameters need to be validated to see if they conform to certain rules. This article will describe how to pass
pre-requestLibrary optimization check logic.
Interface requirements
Suppose we need to implement an interface to collect personal information filled in by users. The specific requirements of this interface are as follows:
- Interface path:
/user/info/new - Interface field:
| field | type | instructions |
|---|---|---|
| userName | string | User nickname, required, 2-20 character string |
| gender | int | User gender, required, 1-male, 2-female |
| age | int | User age, required, an integer between 18 and 60 |
| country | string | User nationality, optional, default isChina, the string length is >2 |
Interface implementation
If the above interface were implemented without any third-party tools, the code might look like this:
from flask import request, Flask app = Flask(__name__) @app.route("/user/info/new", methods=["POST"]) def user_info_handler(): # 1. User_name = request.form.get("userName") if not user_name or not isinstance(user_name, STR): If len(user_name) < 2 or len(user_name) > 20: return "username" # 2 Gender = request.form.get("gender") if not gender: return "Please enter user gender" try: Gender = int(gender) except ValueError: return "User gender format is incorrect" if gender not in [1, 2]: return "User gender parameter must be between [1, 2]" # 3. Age = request.form.get("age") if not age: return "Please enter user age" try: age = int(age) except ValueError: If age < 18 or age > 60: return "must be between 18 and 60" # 4 Get ("country", "China ") country = STR (country) if len(country) < 2: Return "Success" if __name__ == "__main__": app.run(port=8080)As shown in the above code, in order to ensure that the data stored in the database meets the design requirements, developers need to do a lot of verification work on the input parameters, and a little mistake may leave vulnerabilities for the system.
usepre-requestCheck into the reference
In order to achieve the above interface requirements, let’s take a look at how to shield a large number of repeated verification logic through pre-request.
from flask import Flask from pre_request import pre, Rule app = Flask(__name__) rule = { "userName": Rule(type=str, required=True, gte=3, lte=20, dest="user_name"), "gender": Rule(type=int, required=True, enum=[1, 2]), "age": Rule(type=int, required=True, gte=18, lte=60), "country": Rule(type= STR, required=False, gte=2, default=" China ")} @app.route("/user/info/new", methods=["POST"]) def user_info_handler(): params = pre.parse(rule=rule) # TODO: Return "Success" if __name__ == "__main__": app.run(port=8080)As shown above, complex parameter validation turns into validation rule writing. The pre. Parse function automatically captures the request parameters and determines if the validation rule is met.
pre-requestA link to the
- The code address: https://github.com/Eastwu5788…
- Document address: https://pre-request.readthedo…