feat: implement Joi request validation middleware for auth routes (#50) (Apertre3.0) #70
Hi @akshay0611, this is the PR for the issue no: #50. The PR is ready for review, kindly check it out!!

Hi @akshay0611, there were some merge conflicts which got resolved, kindly check this out and verify the pull request.

@akshay0611 ??

The PRs would be reviewed before Monday EOD.
Thanks & Regards
Akshay Kumar
…On Sat, Feb 14, 2026, 22:57 Aditya Patra ***@***.***> wrote:
@akshay0611 <https://github.com/akshay0611> ??
akshay0611
left a comment
Thanks for the request-validation work - good direction overall. I re-verified PR #70 locally and found a few blockers before merge:
- backend/package-lock.json is currently malformed JSON (the @standard-schema/spec block is incomplete), so install/update flows will fail.
- backend/routes/authRoutes.js imports ../controller/authController.js, but the tracked file is authcontroller.js; this can fail on case-sensitive environments (Linux/CI/prod).
- Validation rules are inconsistent: Joi registration allows password length >=6, while controller logic still enforces >=8.
Please fix these and I can re-review quickly.
b6c73fd to
c5a6445

Hi @akshay0611, I have the PR ready for review and solved the backend merge conflicts, kindly check this out.

Thanks for the update @Aditya-18849. I re-verified PR #70 at the latest head and here’s the current status:
Additional blockers introduced in the latest update:
Please address these remaining issues, then I can do a quick final re-review.

Hi @akshay0611, the PR is ready and ready for review.
akshay0611
left a comment
Good progress on the validation updates, and thanks for addressing the earlier blockers.
I am merging this PR now.
One non-blocking cleanup point for future PR quality: the Swagger JSDoc block in backend/routes/authRoutes.js still has formatting/content issues (for example -QP email and YAML indentation). Runtime works, but malformed Swagger comments can break or degrade generated API docs.
Best practice to follow going forward:
- Keep Swagger YAML indentation strict and consistent.
- Validate field entries carefully (avoid typos in schema keys/items).
- Quickly verify /api-docs renders correctly before requesting review.
📝 Overview
This PR introduces a robust validation layer using Joi to intercept requests before they reach the controllers. It ensures that only valid data is processed by the backend, improving security and providing clear feedback to the frontend.
Key Implementation Details
Library: Used joi for schema definition as discussed in #50.
Middleware: Created validateRequest.js which acts as a "traffic cop."
Feature: Enabled abortEarly: false so the user receives ALL validation errors at once (instead of just the first one).
Response: Returns a clean 400 JSON response with an array of error messages.
Schemas: Created validators/authSchemas.js containing strict rules for:
registerSchema: Enforces name length (min 3), valid email, and password length (min 6).
loginSchema: Enforces valid email and non-empty password.
Routes: Applied the middleware to the /registration and /login routes in authRoutes.js.
How To Test :
Pull this branch and run npm run dev in the backend.
Send a POST request to /api/auth/registration with invalid data (e.g., short name, bad email).
Expected Response:
{
  "success": false,
  "message": "Validation Error",
  "errors": [
    "Name must be at least 3 characters",
    "Please provide a valid email address"
  ]
}
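
The middleware contract described in the PR overview above, sketched as an added example (this is not the code from the PR or the RIVETO repository). It assumes only Joi's `schema.validate(value, { abortEarly })` contract returning `{ error, value }`; `registerSchemaStub`, `simulate`, the password message and the fake `req`/`res` objects are constructed stand-ins so the block runs without installing joi or Express.

```javascript
// Middleware factory: `schema` is any object exposing Joi's
// validate(value, options) -> { error, value } contract.
function validateRequest(schema) {
  return (req, res, next) => {
    // abortEarly: false collects every failure instead of stopping at the first.
    const { error, value } = schema.validate(req.body, { abortEarly: false });
    if (error) {
      return res.status(400).json({
        success: false,
        message: "Validation Error",
        errors: error.details.map((d) => d.message),
      });
    }
    req.body = value; // pass the controller the value the schema returned
    return next();
  };
}

// Constructed stand-in for registerSchema; rules follow the PR description
// (name min 3, valid email, password min 6). Password message is constructed.
const registerSchemaStub = {
  rules: [
    [(b) => typeof b.name === "string" && b.name.length >= 3,
      "Name must be at least 3 characters"],
    [(b) => typeof b.email === "string" && /^[^@\s]+@[^@\s]+\.[^@\s]+$/.test(b.email),
      "Please provide a valid email address"],
    [(b) => typeof b.password === "string" && b.password.length >= 6,
      "Password must be at least 6 characters"],
  ],
  validate(body, { abortEarly = true } = {}) { // Joi also defaults to true
    const details = [];
    for (const [ok, message] of this.rules) {
      if (ok(body || {})) continue;
      details.push({ message });
      if (abortEarly) break;
    }
    return details.length ? { error: { details }, value: body } : { value: body };
  },
};

// Constructed fake req/res pair to drive the middleware without Express.
function simulate(body) {
  const out = { status: null, payload: null, nextCalled: false };
  const res = {
    status(code) { out.status = code; return this; },
    json(payload) { out.payload = payload; return this; },
  };
  validateRequest(registerSchemaStub)({ body }, res, () => { out.nextCalled = true; });
  return out;
}
```

With the real library, the same `validateRequest` takes a `Joi.object({...})` schema unchanged, since it relies only on `validate` and `error.details`.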