WEBVTT

1
00:00:01.779 --> 00:00:07.620
So, slowly but steadily, this application is taking shape, but there are still some

2
00:00:07.620 --> 00:00:10.620
tweaks I want to make to this code we already have here.

3
00:00:11.680 --> 00:00:17.960
For example, when creating a user, I want to validate the received data.

4
00:00:18.080 --> 00:00:23.760
I don't want to store it blindly trusting the user to have submitted valid data.

5
00:00:24.920 --> 00:00:29.960
I want to make sure that we got a valid email, that it's not an email address we already

6
00:00:29.960 --> 00:00:36.180
have in our database, and that we have a valid password, which, for example, has a certain

7
00:00:36.180 --> 00:00:37.240
minimum length.

8
00:00:38.599 --> 00:00:44.180
Again, we could use the composer for that, and we could also use the chat for that, but since

9
00:00:44.180 --> 00:00:48.960
I'll mostly work in one file, I'll use the inline chat functionality.

10
00:00:50.680 --> 00:00:55.180
Now I could add the validation here to this createUser function, but I'll actually go

11
00:00:55.180 --> 00:00:56.800
for the user's controller file.

12
00:00:58.220 --> 00:01:02.080
Here where I'm extracting that information from the request body.

13
00:01:03.020 --> 00:01:06.700
Because in here I already got some very basic validation code.

14
00:01:07.720 --> 00:01:14.080
But here I just check whether I got some email and some password without performing any further

15
00:01:14.080 --> 00:01:14.560
checks.

16
00:01:15.720 --> 00:01:21.000
For example, currently I would accept an email as valid if it were just a bunch of

17
00:01:21.000 --> 00:01:25.300
blank spaces, which is of course not valid, and the same for the password.

18
00:01:26.960 --> 00:01:33.000
So I'll highlight this entire function and open this inline chat here with the appropriate

19
00:01:33.000 --> 00:01:36.240
shortcut to provide some editing instructions to Cursor.

20
00:01:37.700 --> 00:01:46.240
And I'll tell Cursor to apply better validation for both the email and password.

21
00:01:46.600 --> 00:01:53.180
And I'll then provide some details regarding how I want to validate these two data points

22
00:01:53.180 --> 00:01:54.060
or data fields.

23
00:01:55.900 --> 00:02:08.020
The email must be a valid email address and it must not be taken yet, i.e. not exist in

24
00:02:08.020 --> 00:02:09.620
the database yet.

25
00:02:10.120 --> 00:02:16.580
The password must be at least six characters long.

26
00:02:19.420 --> 00:02:30.940
Both fields must not be empty strings or just a bunch of blanks.

27
00:02:32.860 --> 00:02:35.040
So let's submit this and let's see what we'll get.

28
00:02:35.680 --> 00:02:40.560
So it of course starts editing the code and for example here for the email it checks whether

29
00:02:40.560 --> 00:02:42.780
it's empty after trimming it.

30
00:02:43.140 --> 00:02:48.380
Trim is a built-in method you can call on strings in JavaScript to remove excess whitespace

31
00:02:48.340 --> 00:02:49.420
at the beginning or end.

32
00:02:51.540 --> 00:02:53.640
And it does the same for the password.

33
00:02:55.260 --> 00:02:58.960
And then it also performs some extra checks here using a regular expression.

34
00:02:59.800 --> 00:03:04.380
By the way, AI models are really great for generating regular expressions.

35
00:03:04.720 --> 00:03:07.540
That's one of the best use cases in my experience.

36
00:03:07.920 --> 00:03:13.320
So it does that here and then also uses this regular expression to check whether the email

37
00:03:13.480 --> 00:03:17.240
is an email, sending back an error code if it's not.

38
00:03:18.680 --> 00:03:20.640
And then it checks the password length.

39
00:03:21.600 --> 00:03:26.080
It also checks whether we have a user with that email address already and if that's

40
00:03:26.080 --> 00:03:28.420
the case it also sends back an error status code.

41
00:03:29.540 --> 00:03:36.360
So I can accept this and with that this controller function, this signup function has been improved

42
00:03:36.360 --> 00:03:39.520
and we got better validation in place here.

43
00:03:40.520 --> 00:03:44.280
Now, of course, there still would be different ways of performing this validation.

44
00:03:44.580 --> 00:03:48.400
You could still tweak that code and you can do this with or without AI.

45
00:03:49.280 --> 00:03:52.380
If you know what you want to do, you might be quicker without AI.

46
00:03:52.900 --> 00:03:56.520
But here I'm pretty happy with what I got here.

47
00:03:57.560 --> 00:04:02.000
So that's looking good to me and I'm ready to test this soon enough.

48
00:04:03.120 --> 00:04:05.440
I also want to tweak the validation here though.

49
00:04:05.640 --> 00:04:11.360
I don't need detailed validation when logging users in because I'll validate their credentials

50
00:04:11.360 --> 00:04:11.900
anyway.

51
00:04:12.140 --> 00:04:14.000
At least I'll soon do that.

52
00:04:14.280 --> 00:04:19.620
But I want to make sure that email and password are not strings full of blanks.

53
00:04:20.680 --> 00:04:29.420
So I'll tweak this part here and say make sure that email and password are not just

54
00:04:29.640 --> 00:04:35.680
strings full of blanks and that should make sure that this trim method gets added.

55
00:04:36.780 --> 00:04:41.180
Though arguably we could have also done this without AI and we might have been faster.

56
00:04:41.500 --> 00:04:46.700
So yeah, it's actually a good example of slowly falling into the trap of using AI for

57
00:04:46.700 --> 00:04:47.100
everything.

58
00:04:47.320 --> 00:04:49.560
You really want to be careful regarding that.

59
00:04:50.700 --> 00:04:51.800
So that's that.

60
00:04:51.980 --> 00:04:53.540
Now I'm not fully finished yet.

61
00:04:54.200 --> 00:05:00.340
For example, here when checking the password, right now I'm assuming that the password is

62
00:05:00.340 --> 00:05:05.540
stored as plain text and I am indeed storing it as plain text here.

63
00:05:05.960 --> 00:05:08.340
And that's not the way it should work.

64
00:05:09.120 --> 00:05:15.460
But it's a first step and it is something we can test before we then refine this application.

