feat: add validator in utils

Author: miello

packages/core/src/collection.ts

@@ -3,12 +3,13 @@ import type { ConditionalExcept, Simplify, UnionToIntersection, ValueOf } from '
 import z from 'zod'
 
 import type { MinimalContext } from './config'
-import type {
-  ApiRoute,
-  ApiRouteHandler,
-  ApiRouter,
-  ApiRouteSchema,
-  ClientApiRouter,
+import {
+  type ApiRoute,
+  type ApiRouteHandler,
+  type ApiRouter,
+  type ApiRouteSchema,
+  type ClientApiRouter,
+  createEndpoint,
 } from './endpoint'
 import {
   type Field,
@@ -23,7 +24,7 @@ import {
   fieldsToZodObject,
   type FieldsWithFieldName,
 } from './field'
-import type { GetTableByTableTsName, ToZodObject } from './utils'
+import { type GetTableByTableTsName, type ToZodObject } from './utils'
 
 type SimplifyConditionalExcept<Base, Condition> = Simplify<ConditionalExcept<Base, Condition>>
 
@@ -724,7 +725,10 @@ export function getAllCollectionEndpoints<
               return { status: 200, body: response }
             }
 
-            return [endpointName, { schema, handler } satisfies ApiRoute<any, typeof schema>]
+            return [
+              endpointName,
+              createEndpoint(schema, handler) satisfies ApiRoute<any, typeof schema>,
+            ]
           }
           case ApiDefaultMethod.FIND_ONE: {
             const response = fieldsToZodObject(fields)
@@ -752,7 +756,10 @@ export function getAllCollectionEndpoints<
               return { status: 200, body: response }
             }
 
-            return [endpointName, { schema, handler } satisfies ApiRoute<any, typeof schema>]
+            return [
+              endpointName,
+              createEndpoint(schema, handler) satisfies ApiRoute<any, typeof schema>,
+            ]
           }
           case ApiDefaultMethod.FIND_MANY: {
             const response = fieldsToZodObject(fields)
@@ -786,7 +793,10 @@ export function getAllCollectionEndpoints<
               return { status: 200, body: response }
             }
 
-            return [endpointName, { schema, handler } satisfies ApiRoute<any, typeof schema>]
+            return [
+              endpointName,
+              createEndpoint(schema, handler) satisfies ApiRoute<any, typeof schema>,
+            ]
           }
           case ApiDefaultMethod.UPDATE: {
             const body = fieldsToZodObject(fields)
@@ -820,7 +830,10 @@ export function getAllCollectionEndpoints<
               return { status: 200, body: response }
             }
 
-            return [endpointName, { schema, handler } satisfies ApiRoute<any, typeof schema>]
+            return [
+              endpointName,
+              createEndpoint(schema, handler) satisfies ApiRoute<any, typeof schema>,
+            ]
           }
           case ApiDefaultMethod.DELETE: {
             const schema = {
@@ -846,7 +859,10 @@ export function getAllCollectionEndpoints<
               return { status: 200, body: { message: 'ok' } }
             }
 
-            return [endpointName, { schema, handler } satisfies ApiRoute<any, typeof schema>]
+            return [
+              endpointName,
+              createEndpoint(schema, handler) satisfies ApiRoute<any, typeof schema>,
+            ]
           }
           default:
             throw new Error(`Unknown method: ${method}`)

packages/core/src/endpoint.ts

@@ -4,6 +4,7 @@ import type { z, ZodType } from 'zod'
 import zodToJsonSchema from 'zod-to-json-schema'
 
 import type { MaybePromise } from './collection'
+import { withValidator } from './utils'
 
 export type ApiHttpStatus = 200 | 201 | 204 | 301 | 302 | 400 | 401 | 403 | 404 | 409 | 422 | 500
 
@@ -166,7 +167,7 @@ export function createEndpoint<
 >(schema: TApiEndpointSchema, handler: ApiRouteHandler<TContext, TApiEndpointSchema>) {
   return {
     schema,
-    handler,
+    handler: withValidator(schema, handler),
   }
 }
 

packages/core/src/utils.ts

@@ -1,8 +1,10 @@
 import type { Column, TableRelationalConfig } from 'drizzle-orm'
 import { is, Table } from 'drizzle-orm'
 import type { IsNever, Simplify, ValueOf } from 'type-fest'
-import type { ZodObject, ZodOptional, ZodType } from 'zod'
+import type { ZodError, ZodObject, ZodOptional, ZodType } from 'zod'
 
+import type { MaybePromise } from './collection'
+import type { ApiHttpStatus, ApiRouteHandlerPayloadWithContext, ApiRouteSchema } from './endpoint'
 import type { Field, FieldRelation, Fields, FieldsInitial, FieldsWithFieldName } from './field'
 
 export function isRelationField(field: Field): field is FieldRelation {
@@ -115,6 +117,93 @@ export function mapValueToTsValue(
   return Object.fromEntries(mappedEntries.filter((r) => r.length > 0))
 }
 
+export async function validateRequestBody<
+  TApiRouteSchema extends ApiRouteSchema = any,
+  TContext extends Record<string, unknown> = Record<string, unknown>,
+>(schema: TApiRouteSchema, payload: ApiRouteHandlerPayloadWithContext<TApiRouteSchema, TContext>) {
+  const zodErrors: ZodError[] = []
+  if (schema.query) {
+    const err = await schema.query.safeParseAsync((payload as any).query)
+    if (!err.success) {
+      zodErrors.push(err.error)
+    }
+  }
+
+  if (schema.pathParams) {
+    const err = await schema.pathParams.safeParseAsync((payload as any).pathParams)
+    if (!err.success) {
+      zodErrors.push(err.error)
+    }
+  }
+
+  if (schema.headers) {
+    const err = await schema.headers.safeParseAsync(payload.headers)
+    if (!err.success) {
+      zodErrors.push(err.error)
+    }
+  }
+
+  if (schema.method !== 'GET' && schema.body) {
+    const err = await schema.body.safeParseAsync((payload as any).body)
+    if (!err.success) {
+      zodErrors.push(err.error)
+    }
+  }
+
+  return zodErrors
+}
+
+export function validateResponseBody<TApiRouteSchema extends ApiRouteSchema = any>(
+  schema: TApiRouteSchema,
+  statusCode: ApiHttpStatus,
+  response: any
+) {
+  if (!schema.responses[statusCode]) {
+    throw new Error(`No response schema defined for status code ${statusCode}`)
+  }
+
+  const result = schema.responses[statusCode].safeParse(response)
+  return result.error
+}
+
+export function withValidator<
+  TApiRouteSchema extends ApiRouteSchema,
+  TContext extends Record<string, unknown>,
+>(
+  schema: TApiRouteSchema,
+  handler: (
+    payload: ApiRouteHandlerPayloadWithContext<TApiRouteSchema, TContext>
+  ) => MaybePromise<any>
+): (payload: ApiRouteHandlerPayloadWithContext<TApiRouteSchema, TContext>) => MaybePromise<any> {
+  return async (payload: ApiRouteHandlerPayloadWithContext<TApiRouteSchema, TContext>) => {
+    const zodErrors = await validateRequestBody(schema, payload)
+    if (zodErrors.length > 0) {
+      return {
+        status: 400,
+        body: {
+          error: 'Validation failed',
+          details: zodErrors.map((e) => e.message),
+        },
+      }
+    }
+
+    const response = await handler(payload)
+
+    const validationError = validateResponseBody(schema, response.status, response.body)
+    if (validationError) {
+      return {
+        status: 500,
+        body: {
+          error: 'Response validation failed',
+          details: validationError.errors.map((e) => e.message),
+        },
+      }
+    }
+
+    return response
+  }
+}
+
 export type JoinArrays<T extends any[]> = Simplify<
   T extends [infer A]
     ? IsNever<A> extends true