search

Aquila169 / zod-express-middleware

Express middleware to validate requests using zod schema's.
MIT License
82 stars 13 forks source link

Better typesafety with request methods and url parameters #9

Open neolectron opened 1 year ago

neolectron commented 1 year ago

Hello, I'm facing a situation where I can do this :

const mySchema = z.object({
  name: z.string(),
});

router.get('/', validateRequest({ body: mySchema }), /**/)

Whereas it shouldn't be possible because we already know it's a GET request at this point, and they do not have any body.

Similar issue with :

const mySchema = z.object({
  name: z.string(),
});

router.get('/', validateRequest({ params: mySchema }), /**/)

Whereas we know we do not have any params in the url. Another example is we could (should?) enforce validation of params when we see there's one in the url.

I think there's room for improvement, and I would like to contribute to it, what do you think ?