Implement Comprehensive DTO-Based Input Validation Across Endpoints #113

@onlydustapp

Overview

Enhance input validation across all controller routes by replacing the limited express-validator approach with a robust, DTO-based validation mechanism using class-validator. This improvement ensures that all incoming requests are properly validated and sanitized before processing, reducing potential errors and security vulnerabilities.

Background

While express-validator is currently listed as a dependency, its usage is not enforced consistently across endpoints. By shifting to DTO-based validation, we align with our Domain-Driven Design (DDD) approach and ensure that all API requests meet the specified validation rules defined by @is* decorators.

Requirements

  • Convert input validation to use Data Transfer Objects (DTOs) with class-validator for every controller route.
  • Ensure that all input fields are properly sanitized and validated.
  • Update all relevant controllers to integrate with this validation mechanism.
  • Maintain clear error handling for scenarios where input validation fails.

Technical Considerations

  • The update should cover all endpoints defined in the project, ensuring consistency across the API.
  • Follow the existing project structure for the DTO layer (see Project Structure).
  • Make sure the updated validation logic adheres to the DTO-based approach outlined in the README.

Success Metrics

  • All controller routes should use DTOs with appropriate @is* decorators.
  • All inputs are sanitized and validated.
  • Successful handling of invalid input by returning informative error messages.

Timeline

  • Milestone: Validate all routes by the end of 2 days.

Let's get this improvement merged to make our APIs more robust and secure! 🚀
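
A dependency-free sketch of the validation boundary this issue asks for, added here as an illustration and not taken from the project's code. The hand-written rule table stands in for class-validator decorators, and `CreateUserDto`, its fields, `validateDto` and `validateBody` are hypothetical names.

```typescript
// Added example: plain TypeScript stand-in for decorator rules; all names are hypothetical.
type Rule = (value: unknown) => string | null; // null means the value passed
type Schema = Record<string, Rule>;
type Result = { ok: boolean; dto: Record<string, unknown>; errors: string[] };

const isString = (min: number, max: number): Rule => (v) =>
  typeof v === "string" && v.trim().length >= min && v.trim().length <= max
    ? null : `must be a string of ${min}-${max} characters`;
const isInt = (min: number, max: number): Rule => (v) =>
  typeof v === "number" && Number.isInteger(v) && v >= min && v <= max
    ? null : `must be an integer between ${min} and ${max}`;
const isEmail: Rule = (v) =>
  typeof v === "string" && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(v) ? null : "must be an email address";

// Hypothetical DTO for a hypothetical POST /users route.
const CreateUserDto: Schema = { name: isString(1, 64), email: isEmail, age: isInt(13, 120) };

const own = (o: object, k: string) => Object.prototype.hasOwnProperty.call(o, k);

function validateDto(schema: Schema, body: unknown): Result {
  if (typeof body !== "object" || body === null || Array.isArray(body)) {
    return { ok: false, dto: {}, errors: ["body must be a JSON object"] };
  }
  const input = body as Record<string, unknown>;
  const errors: string[] = [];
  // Undeclared properties are rejected, never forwarded to the controller.
  for (const key of Object.keys(input)) {
    if (!own(schema, key)) errors.push(`${key}: property is not allowed`);
  }
  const dto: Record<string, unknown> = {};
  for (const field of Object.keys(schema)) {
    const value = own(input, field) ? input[field] : undefined;
    const problem = schema[field](value);
    if (problem) errors.push(`${field}: ${problem}`);
    else dto[field] = typeof value === "string" ? value.trim() : value;
  }
  return errors.length ? { ok: false, dto: {}, errors } : { ok: true, dto, errors };
}

// Express-style middleware; req/res are typed structurally to avoid a dependency.
type Res = { status(code: number): { json(body: unknown): void } };
function validateBody(schema: Schema) {
  return (req: { body: unknown }, res: Res, next: () => void): void => {
    const result = validateDto(schema, req.body);
    if (!result.ok) { res.status(400).json({ errors: result.errors }); return; }
    req.body = result.dto; // the controller only sees the validated DTO
    next();
  };
}
```

Collecting every failure before responding gives the client one informative 400 response, and rebuilding the body from declared fields only keeps extra properties such as a smuggled `isAdmin` out of the controller.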

Labels: Backend, ODHACK14, onlydust-wave (Contribute to awesome OSS repos during OnlyDust's open source week)