基于 hyperf/validation 的请求验证组件,支持注解式验证和 FormRequest 验证器。 内置中文错误提示兜底、本地无语言包也能返回中文;默认安全过滤多余字段,可选安全模式拒绝未定义字段。
- 🚀 Hyperf 原生验证:完全基于 hyperf/validation,兼容所有 Laravel 规则
- 📝 双模式:内联规则 + FormRequest 验证器,支持场景
- ⚡ 性能优化:多层缓存(配置/类检查/字段列表),更快
- 🛡️ 安全稳定:可选安全模式拦截未定义字段,内置中文错误兜底,无语言包仍返回中文
- 🔧 Query/Body 分离:清晰区分 URL 参数与请求体校验
- ✅ CI 覆盖:GitHub Actions 多 PHP 版本自动化测试
⚠️ 破坏性变更: 4.0 版本移除了 ThinkPHP 风格的Validate基类,仅支持 Hyperf 原生FormRequest。
composer require hyperf-plus/validate:^4.0composer require hyperf/validation hyperf/translation php bin/hyperf.php vendor:publish hyperf/translation<?php use HPlus\Route\Annotation\PostApi; use HPlus\Route\Annotation\ApiController; use HPlus\Validate\Annotations\RequestValidation; #[ApiController(prefix: '/api/users')] class UserController { #[PostApi] #[RequestValidation( rules: [ 'name' => 'required|string|max:50', 'email' => 'required|email|unique:users', 'password' => 'required|min:6|confirmed', ], messages: [ 'name.required' => '用户名不能为空', 'email.unique' => '该邮箱已被注册', ] )] public function create() { return ['message' => 'success']; } }// 定义验证器 use Hyperf\Validation\Request\FormRequest; class CreateUserRequest extends FormRequest { protected array $scenes = [ 'create' => ['name', 'email', 'password'], 'update' => ['name', 'email'], ]; public function rules(): array { return [ 'name' => 'required|string|max:50', 'email' => 'required|email', 'password' => 'required|min:6|confirmed', ]; } public function messages(): array { return [ 'name.required' => '用户名不能为空', ]; } } // 使用验证器 #[PostApi] #[RequestValidation(validate: CreateUserRequest::class, scene: 'create')] public function create() {}#[RequestValidation( rules: [], // 请求体验证规则 queryRules: [], // URL 查询参数验证规则 messages: [], // 自定义错误消息 attributes: [], // 字段别名 mode: 'json', // 请求体解析模式:json | form | xml filter: false, // 是否过滤多余字段 security: false, // 安全模式(拒绝未定义字段) stopOnFirstFailure: false, // 首错即停 validate: '', // FormRequest 类名 scene: '', // 验证场景 )]#[GetApi] #[RequestValidation( queryRules: [ 'page' => 'integer|min:1', 'size' => 'integer|between:1,100', 'keyword' => 'nullable|string|max:50', ] )] public function list() {}#[PostApi(path: '/search')] #[RequestValidation( queryRules: [ 'page' => 'required|integer|min:1', ], rules: [ 'filters' => 'array', 'sort' => 'string|in:asc,desc', ] )] public function search() {}拒绝请求中包含未定义的字段:
#[RequestValidation( rules: ['name' => 'required', 'email' => 'required'], security: true // 如果请求包含 name/email 以外的字段,将抛出异常 )]自动过滤多余字段,只保留规则中定义的字段:
#[RequestValidation( rules: ['name' => 'required', 'email' => 'required'], filter: true // 请求体将只包含 name 和 email )]完全兼容 Laravel/Hyperf Validation 所有规则:
| 分类 | 规则 |
|---|---|
| 基础 | required, nullable, string, integer, numeric, boolean, array |
| 字符串 | email, url, ip, uuid, alpha, alpha_num, regex:pattern |
| 数值 | min:value, max:value, between:min,max, size:value, gt:field, gte:field |
| 日期 | date, date_format:format, before:date, after:date |
| 数组 | in:foo,bar, not_in:foo,bar, distinct, array |
| 数据库 | unique:table,column, exists:table,column |
| 文件 | file, image, mimes:jpg,png, max:size |
| 关系 | confirmed, same:field, different:field, required_if:field,value |
更多规则:https://laravel.com/docs/validation#available-validation-rules
// config/autoload/dependencies.php use Hyperf\Validation\Contract\ValidatorFactoryInterface; use Hyperf\Validation\ValidatorFactory; return [ ValidatorFactoryInterface::class => function ($container) { $factory = $container->get(ValidatorFactory::class); $factory->extend('phone', function ($attribute, $value) { return preg_match('/^1[3-9]\d{9}$/', $value); }); return $factory; }, ]; // 使用 #[RequestValidation(rules: ['mobile' => 'required|phone'])]#[RequestValidation( rules: [ 'users' => 'required|array|min:1', 'users.*.name' => 'required|string', 'users.*.email' => 'required|email', ] )]#[RequestValidation( rules: [ 'type' => 'required|in:person,company', 'id_card' => 'required_if:type,person|size:18', 'license' => 'required_if:type,company', ] )]验证失败抛出 ValidateException(HTTP 422):
// app/Exception/Handler/ValidationExceptionHandler.php use HPlus\Validate\Exception\ValidateException; use Hyperf\ExceptionHandler\ExceptionHandler; class ValidationExceptionHandler extends ExceptionHandler { public function handle(Throwable $throwable, ResponseInterface $response) { if ($throwable instanceof ValidateException) { return $response->withStatus(422)->json([ 'code' => 422, 'message' => $throwable->getMessage(), ]); } return $response; } public function isValid(Throwable $throwable): bool { return $throwable instanceof ValidateException; } }tests/ ├── Unit/ │ ├── RuleParserTest.php # 规则解析器测试 │ └── ValidationAspectTest.php # 验证切面测试 ├── Feature/ │ ├── ValidationRulesTest.php # 验证规则功能测试 │ ├── ValidationModeTest.php # 验证模式测试 │ └── ValidationAspectFullCoverageTest.php # 完整覆盖测试 └── Performance/ └── ValidationPerformanceTest.php # 性能测试 运行测试:
composer test| 特性 | 3.x | 4.0 |
|---|---|---|
| ThinkPHP Validate | ✅ | ❌ 移除 |
| Hyperf FormRequest | ✅ | ✅ |
| 内联规则 | ✅ | ✅ |
dateType 参数 | ✅ | ❌ 改为 mode |
validate + scene | 分离注解 | 统一到 RequestValidation |
| 缓存统计 | ✅ | ❌ 移除(无意义开销) |
// 3.x (旧) #[Validation(validate: UserValidator::class, scene: 'create')] #[RequestValidation(rules: [...], dateType: 'json')] // 4.0 (新) #[RequestValidation(validate: UserValidator::class, scene: 'create')] #[RequestValidation(rules: [...], mode: 'json')]MIT