How to Validate String Length and Patterns
To validate string length and patterns in this project, you use the built-in validator classes provided in django.core.validators. These allow you to enforce character limits, verify complex text patterns using regular expressions, and ensure data integrity by prohibiting specific characters.
Enforcing Character Limits
You can enforce minimum and maximum character counts using MinLengthValidator and MaxLengthValidator. While CharField automatically applies a MaxLengthValidator when you define max_length, you must manually add MinLengthValidator to the validators list.
from django.db import models
from django.core.validators import MinLengthValidator, MaxLengthValidator
class Profile(models.Model):
# MaxLengthValidator(50) is added automatically because of max_length=50
username = models.CharField(max_length=50)
# Manually adding MinLengthValidator
bio = models.TextField(
validators=[MinLengthValidator(10, message="Bio must be at least 10 characters.")]
)
These validators work by calling len() on the input value, meaning they can also be used for lists or other collections if necessary.
Validating Patterns with Regular Expressions
Use RegexValidator to ensure a string matches a specific format. This is useful for phone numbers, custom IDs, or alphanumeric constraints.
from django.db import models
from django.core.validators import RegexValidator
class Employee(models.Model):
# Only allows digits
phone_number = models.CharField(
max_length=15,
validators=[
RegexValidator(
regex=r'^\d{9,15}$',
message="Phone number must be between 9 and 15 digits.",
code='invalid_phone'
)
]
)
Inverse Matching
If you want to ensure a string does not match a pattern, set inverse_match=True.
from django.core.validators import RegexValidator
# Rejects any string containing the word 'admin'
no_admin_validator = RegexValidator(
regex=r'admin',
message="The word 'admin' is not allowed.",
inverse_match=True
)
Prohibiting Null Characters
To prevent security issues or database errors related to null bytes (\x00), use the ProhibitNullCharactersValidator. Note that forms.CharField in this codebase automatically includes this validator by default.
from django.core.validators import ProhibitNullCharactersValidator
from django.core.exceptions import ValidationError
validator = ProhibitNullCharactersValidator()
try:
validator("safe_string") # Passes
validator("unsafe\x00string") # Raises ValidationError
except ValidationError as e:
print(e.message) # "Null characters are not allowed."
Customizing Error Messages and Codes
All string validators allow you to override the default error message and the internal error code (used for identifying errors in tests or API responses).
from django.core.validators import MaxLengthValidator
validator = MaxLengthValidator(
limit_value=10,
message="Too long! Keep it under 10 characters.",
code="text_overflow"
)
Troubleshooting
Flags and Compiled Regex
When using the flags argument (like re.IGNORECASE) with RegexValidator, the regex argument must be a raw string. You cannot pass a pre-compiled regex object if you are also providing flags.
import re
from django.core.validators import RegexValidator
# CORRECT: String regex with flags
v1 = RegexValidator(regex=r'[a-z]+', flags=re.IGNORECASE)
# INCORRECT: This will raise a TypeError
# v2 = RegexValidator(regex=re.compile(r'[a-z]+'), flags=re.IGNORECASE)
Search vs. Match
RegexValidator uses re.search internally, not re.match. This means it will find a match anywhere in the string. To ensure the entire string matches your pattern, use anchors like ^ (start) and $ (end).
# This will pass for "123abc456" because it finds digits
weak_validator = RegexValidator(regex=r'\d+')
# This will only pass if the ENTIRE string is digits
strong_validator = RegexValidator(regex=r'^\d+$')