Financial Year 2023 End Sale: Get upto 40% OFF on Job-oriented Training! Offer Ending in
D
H
M
S
Get Now
Browse Tutorials
ASP.NET Core MVC Model Validation

ASP.NET Core MVC Model Validation

07 Mar 2024
Intermediate
35.7K Views
14 min read

ASP.NET Core MVC Model Validation: An Overview

When we develop any type of web-based or desktop-based application, one key part of development is Data Validation or Form Validation. These validations ensure that the user fills in the correct data into the application so that we can process that data and save it for future use. Normally, users always fill out the form with the necessary information and submit it.

But, sometimes the user makes some mistakes. In this case, form validation is required to ensure that the user always provides the required information in the proper format which is required for the successful submission of the form.

In this ASP.NET Core tutorial, we will discuss different types of form validations. To make things easier for you, Dot Net Tricks brings a comprehensive skill-oriented ASP.NET Core Online Training to the nitty-gritty of the ASP.NET.

What is Model Validation in ASP.NET Core?

When we visit any popular website for registration purposes, we notice that the site gives us some error message or warning message when we do not put properly formatted data in the form's controls. Normally, we receive the message as below –

  1. The field value is required. We can’t leave the field blank.

  2. Please enter your data in the correct format in case of phone number, date of birth, etc.

  3. Please provide a valid email address.

  4. Your password does not match the format like uppercase, one symbol, and one number.

This type of message is known as form validation. When a user fills the data in the forms, web applications validate those data whether it is correct or not. If it is correct, the application sends those data to the server for saving into the database. If it is not in the correct format, then it throws error messages providing information about what corrections need to be done by the user. These validations are important for any developer due to the following reasons –

  1. We always want to receive the correct data in the correct format from the user.

  2. We want to protect the user data by forcing users to provide some confidential information in a specified format.

  3. Also, with the help of form validations, we can protect ourselves from malicious uses of our applications.

Validation Types

Forcing users to provide properly formatted and necessary information for any type of form is the main objective of the form validations. Normally, we can perform form validation in two ways – either implement in the server-side code i.e. Server-Side Validation, or implement these in the client-side i.e. Client-Side validation. In the below section, we discuss both the validation types.

1. Server Side Validation

Here, information filled in by the users is sent to the server and validated using the server-side language i.e. Asp.Net Core. In this process, if the data is not validated, a response along with a proper error message is sent back to the client where these messages are shown to the user to be rectified. This type of validation is always secure because if the user disabled the scripting language in the browser then also it will work. At the same time, it can’t be bypassed by the user very easily.

One problematic concern is that here the user cannot know what mistakes have been made until the user completes the data entry and submits the data. Since these processes always communicate with the server, that’s why it is a little bit slow process for the output or error message.

In Asp.Net Core, the best way to perform the server-side validation is using Model Validation. Likely, Microsoft provides us with the abstract validation layer as validation attributes which contains validation code. Therefore, these approaches always reduce the amount of code writing for us. The validation attribute is one of the ways to implement or configure model validations in the model class property. These validations can work like constraints such as assigning maximum length or required fields.

Other validation types can implement some common business rules on data like – Email Address, Phone, Range, etc. The validation attribute always enforces some logical business rule in a simple and easy-to-use way. Below is an Employee Model for an application in which Validation attributes like required, and length have been implemented.


public class Employee
{
public int Id { get; set; }

[Required]
[StringLength(100)]
public string EmployeeName { get; set; }

[Required]
[DataType(DataType.Date)]
public DateTime JoinDate { get; set; }

[Required]
[StringLength(100)]
public string Designation { get; set; }

[Range(0, 999.99)]
public decimal Salary { get; set; }

[Required]
public Gender Gender { get; set; }

public string Address { get; set; }
}

From the above model class, it is clearly shown that we just need to add the related rule in the model class properties to enforce user to provide proper data. In the below table, there are some popular inbuild available validation attributes in the Asp.Net Core –

Required
This validation attribute makes any property required or mandatory.
StringLength
This validation attribute validates any string property along with its length
Compare
This validation attribute compares the two property values in a model match
EmailAddress
This validation attribute validates the email address format
Phone
This validation attribute validates the phone no format
CreditCard
This attribute validates a credit card format
Range
This validation attributes any property to check whether it exists within the given range or not.
Url
This validation attribute validates whether the property contains a URL format or not
RegularExpression
This validation attribute normally matches the data which specified the regular expression format.

Asp.Net Core provides support against all the validation attributes that are inherited from the ValidationAttribute class. Also, we can create a custom server-side validation attribute by implementing the interface named IValidationObjects.

In Asp.Net Core, the Model state always returns validation errors in a normal HTML format in the interface. This will continue the validation process against the form field until the total error number reaches into its maximum limits (200 is by default). But we can configure this maximum error number in the ConfigureServices() in the Startup.cs class.

services.AddMvc(options => options.MaxModelValidationErrors = 50);

2. Client Side Validation

Server-side validation is the most successful and secure validation process. But sometimes, we need to implement client-side validation for a better user experience. Normally, this type of validation is done by the scripting languages on the client side. By using this type of validation, we can implement much more responsive and visually rich validation of the user's input data on the client side. The best thing about this type of validation is that the form submit method is not executed in this case if validation fails.

This means, that if we implement client-side validation in our application, then the server-side method or process will be invoked only when client-side validation has been passed successfully. Otherwise, it will not invoke the server-side code so there is no load in the server-side. So, that’s why Client-Side validation always performs faster execution of error and it increases the performance of the applications.

However, the main disadvantage of this type of validation is that it depends on JavaScript. So, if the user disabled the JavaScript in the browser, the validation process can be bypassed and the server-side method can be invoked with the wrong data. And, if we do not implement the same client-side validation on the server-side also, then there is a high probability that the system can accept the wrong or incorrect data. For this reason, it is always better to implement the same validation rule or method on both sides i.e. Server-side and client.

So, to implement the Client-side validation, we need to add the proper JavaScript script reference in the UI for this purpose as below –


 <script src="https://ajax.aspnetcdn.com/ajax/jQuery/jquery-2.2.0.min.js"></script>
 <script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.16.0/jquery.validate.min.js"></script>
 <script 
 src="https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.mi
 n.js"></script>

In the above script reference, jQuery Unobtrusive Validation is one of the custom front-end libraries provided by Microsoft based on the most popular and well-known scripting library JQuery validate plugin. This front end is responsible for implementing the same validation logic on both sides of the application.

We can generate any type of custom data attribute for both the server and client-side with the help of Asp.Net Core. For custom data attributes, the JQuery Unobtrusive library simply transfers the server-side validation logic to the client side. We can display the validation error message on the client side with the help of related Tag Helpers as shown below –


<div class="form-group">
<label asp-for="JoineDate" class="col-md-4 control-label"></label>
<div class="col-md-10">
<input asp-for=" JoineDate" class="form-control" />
<span asp-validation-for="JoineDate" class="text-danger"></span>
</div>
</div>

In the above code sample, data attribute validation is used only for the JoineDate Property. If you do not fill this field value, then the data-val-required attribute always contains an error message which we provide the server side. In this way, the jQuery Unobtrusive library passes the validation to the client side as required, which will be displayed in the span tag or an alert window.


<form action="/Employee/Create" method="post">
<div class="form-horizontal">
<h4> Employee Information</h4>
<div class="text-danger"></div>
<div class="form-group">
<label class="col-md-2 control-label" for="JoineDate"> JoineDate </label>
<div class="col-md-10">
<input class="form-control" type="datetime"
data-val="true" data-val-required="The Date of Join field is required."
id="JoineDate " name="JoineDate" value="" />
<span class="text-danger field-validation-valid"
data-valmsg-for="JoineDate" data-valmsg-replace="true"></span>
</div>
</div>
</div>
</form>

Custom Server Side Validations and Client Side Validations

So, both Server-side and Client-Side validation attributes work perfectly for most of the cases and also fulfill the requirement related to the validation required. But, still, there are some situations, when we need to specify some custom validation related to the business for that model class. In this case, custom validation is one of the best processes to perform the validations. We can implement the custom validation either on the Server-Side or Client-Side very easily.

These custom validations might not be the same as the validation attributes required on the server side. To do these, we need to inherit ValidationAttribute in our class and then we need to override the method called IsValid(). It always accepts two parameters – the first parameter is an object type called value and the second one is the object of ValidationContext on the requirement also implemented in validationContext.

In the below example, we will demonstrate the default custom validation format for the service side.


public class EmployeeAttribute : ValidationAttribute, IClientModelValidator
{
private int _year;
public EmployeeAttribute(int Year)
{
_year = Year;
}
protected override ValidationResult IsValid(object value, ValidationContext validationContext)
{
Employee employee = (Movie)validationContext.ObjectInstance;
if (employee.Gender == Gender.Male && employee.ReleaseDate.Year> _year)
{
return new ValidationResult(GetErrorMessage());
}
return ValidationResult.Success;
}

In the above example, the employee variable acts as an Employee object, which generates the IsValid() of the EmployeeAttribute class. Success code has been returned after the execution of validation. Similarly, an error result as a ValidationResult has been returned in case of validation failure.


private string GetErrorMessage()
{
return $"Employee Must the have the Joining Date";
}

Also, the same validation rule can be implemented by the help of validate() by using the IValidatableObject interface. Custom validation attributes main objective is to perform checks against the individual properties of the model class. In this case, IValidatableObject can be implemented for class-level validations.


public IEnumerable<ValidationResult>ValidateEmployee(ValidationContext validationContext)
{
if (Gender == Employee.Male && JoinDate.Year > _year)
{
yield return new ValidationResult(
$" Employee Must the have the Joining Date.",
new[] { "ReleaseDate" });
}
}

So, we can also add the custom validation on the client side. For that, we need to use the jQuery Unobtrusive validation process to pass the server-side validation to the client side.


 var form = document.getElementById("my-form");
form.insertAdjacentHTML("beforeend", newInputHTML);
$(form).removeData("validator").removeData("unobtrusiveValidation"); 
$.validator.unobtrusive.parse(form);

We may also create client-side custom validation logic for our custom attribute and then unobtrusive validation create a jQuery adapter which will execute the custom validation logic in the client machine for the part of the automatic validation process. The first step for this is to add the data attributes by using the IClientModelValidator interface.


public void AddEmployeeValidation(ClientModelValidationContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
MergeAttribute(context.Attributes, "data-employee", "true");
MergeAttribute(context.Attributes, "data-employee", GetErrorMessage());
var age = _year.ToString(CultureInfo.InvariantCulture);
MergeAttribute(context.Attributes, "data- employee -year", age);
}

So, these are the custom attributes that can be used in the HTML part when we use that. Now the sample HTML which can implement the above custom validation attributes as


<input class="form-control" type="datetime"
data-val="true"
data-val-employee ="Employee Date of Birth Must be Before year 2000."
data-val-employee -year="2000"
data-val-required="The Joining Date field is required."
id="JoinDate" name=" JoinDate " value="" />
SUMMARY

So, in this article, we discussed the concept of Form Validation in ASP.NET Core, including Server-Side Validations and Client-Side Validations. Also, we explored how to create custom validation on the server side and client side. For more in-depth knowledge, consider ourASP.NET Core Certification Course.

FAQs

Q1. What are the Validation types in ASP.NET Core?

Server Side Validation and Client Side Validation.

Q2. Can we implement custom validation on both, server and client side?

We can implement the custom validation either on the Server-Side or Client-Side very easily.

Q3. What is jQuery Unobtrusive Validation?

jQuery Unobtrusive Validation is one of the custom front-end libraries provided by Microsoft based on the most popular and well-known scripting library JQuery validate plugin. This front end is responsible for implementing the same validation logic on both sides of the application.

Take our free aspnet skill challenge to evaluate your skill

In less than 5 minutes, with our skill challenge, you can identify your knowledge gaps and strengths in a given skill.

GET CHALLENGE

Share Article
About Author
Debasis Saha (Technical Manager, Author and Mentor)

He is an ASP.Net, MVC and Angular Technical Manager with 10 years of experience. He always been a great fan of Microsoft Technologies and loves working on them. He has expertise in Asp.Net, MVC, SQL Server, MongoDB, Angular JS, and Angular. He loves to write articles about these technologies.
Accept cookies & close this