Validation on query string parameters of .Net Core Action Method

Question

I have a .Net Core 2.2 Web API. One of my controller action methods takes two query string parameter, a year and a month.

GET: /api/ItemsForMonth?year=2019&month=8

The action method looks like this:

[HttpGet]
public async Task>> GetItemsForMonth([FromQuery] int year, [FromQuery] int month)
{
    if (year <= 2000 || month <= 0 || month > 13)
        return BadRequest("Please check the year and month parameters.");
}

So I am checking to make sure that the year is greater than 2000, and the month is between 1 and 12.

Is that the best way of doing it? I know if the parameters were part of the route instead of query strings (and maybe they should be?) I could do this

GET: /api/ItemsForMonth/2019/8

[HttpGet("/{year:int:min(2000)}/{month:int:min(1):max(12)}")]
public async Task>> GetItemsForMonth()
{
}

But is there something similar for query string parameters?

Thanks

Jota.Toledo · Accepted Answer

One approach would be to bind the query parameters into a model and use basic attribute-based model validation:

class DateQueryParameters {
  [Required]
  [Range(2000, int.MaxValue)]
  public int Year {get;set;}

  [Required]
  [Range(1, 12)]
  public int Month {get;set;}
}

[HttpGet]
public async Task GetItemsForMonth([FromQuery] DateQueryParameters dateParameters)
{
    if(!this.ModelState.IsValid){
       return Task.FromResult(this.BadRequest(this.ModelState));
    }
}

Model validation will be done automatically if your controller is decorated with the ApiController attribute.

Validation on query string parameters of .Net Core Action Method

Answers (2)

Related Questions