✨ feat: implement input validation for API v2

- Added go-playground/validator dependency - Created pkg/validation/ package with custom validator wrapper - Implemented request validation for v2 greet endpoint - Added structured validation error responses - Extended BDD tests to cover validation scenarios - Updated AGENTS.md with v2 API documentation - Created ADR 0011-validation-library-selection.md - Simplified server handler creation code - Updated CHANGELOG with implementation details
2026-04-04 21:08:13 +02:00
parent 875eb09fb7
commit d3b6d190d1
11 changed files with 489 additions and 14 deletions
--- a/pkg/greet/api_v2.go
+++ b/pkg/greet/api_v2.go
@@ -3,9 +3,12 @@ package greet
 import (
 	"context"
 	"encoding/json"
+	"errors"
+	"strconv"
 	"io"
 	"net/http"

+	"DanceLessonsCoach/pkg/validation"
 	"github.com/go-chi/chi/v5"
 	"github.com/rs/zerolog/log"
 )
@@ -19,11 +22,12 @@ type ApiV2Greet interface {
 }

 type apiV2GreetHandler struct {
-	greeter GreeterV2
+	greeter    GreeterV2
+	validator *validation.Validator
 }

-func NewApiV2GreetHandler(greeter GreeterV2) ApiV2Greet {
-	return &apiV2GreetHandler{greeter: greeter}
+func NewApiV2GreetHandler(greeter GreeterV2, validator *validation.Validator) ApiV2Greet {
+	return &apiV2GreetHandler{greeter: greeter, validator: validator}
 }

 func (h *apiV2GreetHandler) RegisterRoutes(router chi.Router) {
@@ -33,7 +37,7 @@ func (h *apiV2GreetHandler) RegisterRoutes(router chi.Router) {
 }

 type greetRequest struct {
-	Name string `json:"name"`
+	Name string `json:"name" validate:"max=100"`
 }

 type greetResponse struct {
@@ -55,6 +59,17 @@ func (h *apiV2GreetHandler) handleGreetPost(w http.ResponseWriter, r *http.Reque
 		return
 	}

+	// Validate request if validator is available
+	if h.validator != nil {
+		log.Trace().Str("name", req.Name).Msg("Validating request")
+		if err := h.validator.Validate(req); err != nil {
+			log.Trace().Err(err).Msg("Validation failed")
+			h.handleValidationError(w, err)
+			return
+		}
+		log.Trace().Msg("Validation passed")
+	}
+
 	// Call service
 	message := h.greeter.GreetV2(r.Context(), req.Name)

@@ -62,6 +77,34 @@ func (h *apiV2GreetHandler) handleGreetPost(w http.ResponseWriter, r *http.Reque
 	h.writeJSONResponse(w, message)
 }

+func (h *apiV2GreetHandler) handleValidationError(w http.ResponseWriter, err error) {
+	var validationErr *validation.ValidationError
+	if errors.As(err, &validationErr) {
+		// Create structured validation error response
+		response := map[string]interface{}{
+			"error":   "validation_failed",
+			"message": "Invalid request data",
+			"details": make([]map[string]string, 0, len(validationErr.Messages)),
+		}
+
+		// Parse validation messages into structured format
+		for _, msg := range validationErr.Messages {
+			// Simple parsing - in production, use proper parsing
+			detail := map[string]string{
+				"message": msg,
+			}
+			response["details"] = append(response["details"].([]map[string]string), detail)
+		}
+
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusBadRequest)
+		json.NewEncoder(w).Encode(response)
+	} else {
+		// Fallback for other types of errors
+		http.Error(w, `{"error":"validation_error","message":`+strconv.Quote(err.Error())+`}`, http.StatusBadRequest)
+	}
+}
+
 func (h *apiV2GreetHandler) writeJSONResponse(w http.ResponseWriter, message string) {
 	w.Header().Set("Content-Type", "application/json")
 	json.NewEncoder(w).Encode(greetResponse{Message: message})