Skip to content
data-driven JavaScript API validation
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Loch Down Your API


Loch offers a way to enforce your API at a level above your model, and return sane, helpful errors at the same time. The functions included operate on JSON objects, validating and sanitizing them for use for and by your API users.

Specify, using data what you expect to get from the users of your API, and tell them off when they don't do it right.

Sample Usage

For example, you might require the user to give a name with the current request, but they can choose whether or not to give an age:

{ name: true, age: false }

Or you might require that they give a username with at least 5 chars, as well as a sex which may be either male, female, or other.

{ username: [true,
             function(val, key) {
                   if (val.length > 4) return true;
                   else return key + " must be >= 5";
  sex: [true, ['male', 'female', 'other']] }

Then validate the request parameters (a JSON object) like so:

validates(validation, params)

Which returns true if the request is valid, or else returns a map of keys and errors if the request is not valid.

You can find extensive documentation in DOCUMENTATION.markdown. There is more documentation to come on auxillary functions.


A test suite may be found in tests. It should be run with vows. (I use vows --spec, because it's helpful).

Tests are also a good source of example usage.


Contributions are much appreciated. Please issue a pull request with a description of your addition, along with rational behind it, and ideally some tests. Please make sure the tests pass. Also, you may want to run jshint on the code.


loch uses underscore. Underscore is lovely.

Something went wrong with that request. Please try again.