# How to validate if input in input field is a valid credit card number using express-validator ?

• Last Updated : 08 Apr, 2022

In HTML forms, we often required validation of different types. Validate existing email, validate password length, validate confirm password, validate to allow only integer inputs, these are some examples of validation. In a certain input field, only valid credit card numbers are allowed i.e. there not allowed any other string or number which not follow the rule to be a valid credit card. We can also validate these input fields to only accept a valid credit card number using express-validator middleware.

Condition to be a valid credit card number:

Credit card number must follow the Luhn’s algorithm as shown below:

The Luhn Formula:

• Drop the last digit from the number. The last digit is what we want to check against.
• Reverse the numbers.
• Multiply the digits in odd positions (1, 3, 5, etc.) by 2 and subtract 9 to all any result higher than 9.
• Add all the numbers together.
• The check digit (the last number of the card) is the amount that you would need to add to get a multiple of 10 (Modulo 10).

Example:
Original Number: 4 5 5 6 7 3 7 5 8 6 8 9 9 8 5 5
Drop the last digit: 4 5 5 6 7 3 7 5 8 6 8 9 9 8 5
Reverse the digits: 5 8 9 9 8 6 8 5 7 3 7 6 5 5 4
Multiple odd place digits by 2: 10 8 18 9 16 6 16 5 14 3 14 6 10 5 8
Subtract 9 to numbers over 9: 1 8 9 9 7 6 7 5 5 3 5 6 1 5 8
Add all numbers: 1 8 9 9 7 6 7 5 5 3 5 6 1 5 8 = 85
Mod 10: 85 modulo 10 = 5 (last digit of card)

Command to install express-validator:

npm install express-validator

Steps to use express-validator to implement the logic:

• Install express-validator middleware.
• Create a validator.js file to code all the validation logic.
• Validate input by validateInputField: check(input field name) and chain on validation isCreditCard() with ‘ . ‘
• Use the validation name(validateInputField) in the routes as a middleware as an array of validations.
• Destructure ‘validationResult’ function from express-validator to use it to find any errors.
• If error occurs redirect to the same page passing the error information.
• If error list is empty, give access to the user for the subsequent request.

Note: Here we use local or custom database to implement the logic, the same steps can be followed to implement the logic in a regular database like MongoDB or MySql.

Example: This example illustrates how to validate an input field to only allow a valid credit card number.

## javascript

 const express = require('express')const bodyParser = require('body-parser')const {validationResult} = require('express-validator')const repo = require('./repository')const { validateCardNumber } = require('./validator')const formTemplet = require('./form') const app = express()const port = process.env.PORT || 3000 // The body-parser middleware to parse form dataapp.use(bodyParser.urlencoded({extended : true})) // Get route to display HTML formapp.get('/', (req, res) => {  res.send(formTemplet({}))}) // Post route to handle form submission logic andapp.post(  '/cardinfo',  [validateCardNumber],  async (req, res) => {    const errors = validationResult(req)    if (!errors.isEmpty()) {      return res.send(formTemplet({errors}))    }      const {cname, cno, edate} = req.body     // New record    await repo.create({      'card name':cname,      'card number':cno,      'expiry date':edate.toString()    })     res.send('Card information is saved '    + 'to the database successfully')}) // Server setupapp.listen(port, () => {  console.log(`Server start on port \${port}`)})

Filename – repository.js: This file contains all the logic to create a local database and interact with it.

## javascript

 // Importing node.js file system moduleconst fs = require('fs') class Repository {    constructor(filename) {         // Filename where datas are going to store        if (!filename) {            throw new Error('Filename is required to create a datastore!')        }         this.filename = filename try {            fs.accessSync(this.filename)        }         catch (err) {             // If file not exist it is created            // with empty array            fs.writeFileSync(this.filename, '[]')        }    }     // Get all existing records    async getAll() {        return JSON.parse(            await fs.promises.readFile(this.filename, {                encoding: 'utf8'            }))    }     // Create new record    async create(attrs) {         // Fetch all existing records        const records = await this.getAll()         // All the existing records with new        // record push back to database        records.push(attrs)        await fs.promises.writeFile(this.filename,            JSON.stringify(records, null, 2))         return attrs    }} // The 'datastore.json' file created at runtime// and all the information provided via signup form// store in this file in JSON format.module.exports = new Repository('datastore.json')

Filename – form.js: This file contains logic to show form to submit the card information.

## javascript

 const getError = (errors, prop) => {  try {    return errors.mapped()[prop].msg  } catch (error) {    return ''  }} module.exports = ({errors}) => {  return `       div.columns {      margin-top: 100px;    }     .button {      margin-top: 10px    }

\${getError(errors, 'cno')}

`}

Filename – validator.js: This file contain all the validation logic(Logic to validate a input field to only allow a valid credit card number).

## javascript

 const {check} = require('express-validator')const repo = require('./repository')module.exports = {     validateCardNumber : check('cno')     // To delete leading and trailing space    .trim()     // Validate height to accept    // only decimal number    .isCreditCard()     // Custom message    .withMessage('Must be a valid credit card number')  }

Filename – package.json

package.json file

Database:

Database

Output:

Attempt to submit the form with invalid card number(not following luhn formula)

Attempt to submit the form with invalid card number(not following luhn formula and also no credit card started with number 9)

Response when attempt to submit the form with invalid card number

Attempt to submit the form with valid card number(following luhn formula)

Response when attempt to submit the form with valid card number

Database after successful submission of form:

Database after successful submission of form

Note: We have used some Bulma classes(CSS framework) in the form.js file to design the content.

My Personal Notes arrow_drop_up