✅ Add Zod Validation to API Endpoints
📋 Overview
Currently, input validation for the todos API endpoints is handled manually using custom logic. This ticket is to replace that custom validation with robust schemas using the Zod library for all relevant request payloads. Validating inputs declaratively ensures the API is easier to maintain, more extensible, and provides consistent error messages.
🎯 Acceptance Criteria
🔧 Technical Requirements
- Install Zod (
npm install zod)
- Define and export a
todoSchema, and any other necessary Zod schemas, in a single shared file, e.g., lib/validation/todo.ts
- Use the Zod schema’s
.safeParse() method (or .parse()/.refine() as appropriate) within the API route handlers
- Refactor out all manual validation logic, calling Zod instead
- Error responses return:
status: 400- A JSON body with error details from Zod
🚫 Out of Scope
- Response validation (focus only on request validation)
- Adding new API endpoints beyond the todos already present
- Authentication checks
- Custom error messages (using plain zod validation error messages is allowed)
✅ Getting Started
1. Install Zod
2. Define the schema(s)
For example, in lib/validation/todo.ts:
import { z } from "zod"
export const createTodoSchema = z.object({
text: z.string().min(1, "Todo text is required").max(255)
})3. Use in API handler (example):
import { createTodoSchema } from "@/lib/validation/todo"
export async function POST(request: NextRequest) {
const body = await request.json()
const validation = createTodoSchema.safeParse(body)
if (!validation.success) {
return NextResponse.json({ error: validation.error.format() }, { status: 400 })
}
// continue with validated data: validation.data
}4. Remove previous custom validation logic.
📚 Resources
💡 Tips
- Define all validation schemas in one place and re-use them
- Customize error messages in the Zod schemas for clarity
- Use
.trim() in the Zod string schemas as needed
✅ Add Zod Validation to API Endpoints
📋 Overview
Currently, input validation for the todos API endpoints is handled manually using custom logic. This ticket is to replace that custom validation with robust schemas using the Zod library for all relevant request payloads. Validating inputs declaratively ensures the API is easier to maintain, more extensible, and provides consistent error messages.
🎯 Acceptance Criteria
app/api/todos/use Zod schemas for validating request bodiesPOST /api/todos)PUT /api/todos/[id])if (!body.text || typeof body.text !== "string" || !body.text.trim()) ...)🔧 Technical Requirements
npm install zod)todoSchema, and any other necessary Zod schemas, in a single shared file, e.g.,lib/validation/todo.ts.safeParse()method (or.parse()/.refine()as appropriate) within the API route handlersstatus: 400🚫 Out of Scope
✅ Getting Started
1. Install Zod
2. Define the schema(s)
For example, in
lib/validation/todo.ts:3. Use in API handler (example):
4. Remove previous custom validation logic.
📚 Resources
💡 Tips
.trim()in the Zod string schemas as needed