Skip to content

feat(backend): platform-wide request validation contracts (#347)#457

Open
NickiM84 wants to merge 3 commits into
gear5labs:masterfrom
NickiM84:feat/platform-validation-contracts
Open

feat(backend): platform-wide request validation contracts (#347)#457
NickiM84 wants to merge 3 commits into
gear5labs:masterfrom
NickiM84:feat/platform-validation-contracts

Conversation

@NickiM84

Copy link
Copy Markdown

Closes #347

NickiM84 added 3 commits June 1, 2026 19:23
…#347)

- Add validation middleware with standardized error responses
- Create reusable DTOs for auth, bot, transaction, and horizon proxy endpoints
- Replace scattered manual validation with structured validation middleware
- Fix orphaned liquidity route in routes.ts
- Implement validateBody, validateQuery, validateParams helpers
…idation-v2

feat: platform-wide request validation contracts (gear5labs#347)
)

Introduces a unified, typed contract surface for every HTTP request in the

platform: ApiError factory + success helpers + reusable DTOs, the

validateBody/validateQuery/validateParams middleware (Express 5 safe),

and 30 unit tests covering the canonical error envelope and all DTO paths.

* src/contracts/{errorContract,responseContract,dtos,index}.ts

  - ApiError factory + ApiErrorCode enum + success helpers (ok/created/noContent).

  - Reusable DTOs: IdParamDto, UserIdParamDto, SessionIdParamDto,

    IpAddressParamDto, UuidParamDto, PaginationQueryDto, PageQueryDto,

    DateRangeQueryDto, IpAddressBodyDto, BlacklistAddBodyDto,

    BlacklistBulkAddBodyDto, BlacklistListQueryDto, AuditLogListQueryDto.

  - @IsOptionalBooleanString + booleanFromStringTransform pair closes

    the class-transformer truthy-coerce footgun (?activeOnly=garbage).

* src/Gateway/middleware/validation.ts

  - validateBody/Query/Params now throw ApiError.validationFailed, which

    the central ErrorHandler renders to the canonical envelope.

  - Shadows Express 5 getter-only req.query via Object.defineProperty.

* src/{Auth,AuditLog,Security}/*.routes.ts

  - Mount the new validate* middleware and use the shared DTOs

    (LoginDto, PaginationQueryDto, BlacklistListQueryDto,

    BlacklistBulkAddBodyDto, AuditLogListQueryDto, IdParamDto,

    UserIdParamDto, IpAddressParamDto, etc.).

* src/utils/{error,successResponse,expressAsync}.ts

  - Thin re-export shims from src/contracts for back-compat.

* tests/unit/platformContracts.test.ts

  - 30 tests: ApiError envelope, ok/created/noContent helpers, every

    DTO path, garbage-rejection for @IsOptionalBooleanString, central

    ErrorHandler integration (incl. Postgres 23505 -> DUPLICATE_ENTRY).

* docs/PLATFORM_VALIDATION_CONTRACTS.md

  - Wire-format / SDK-generator / OpenAPI rationale.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Backend] Introduce platform-wide request validation contracts

1 participant