Endpoint Validation

[arsmn]

I want to validate request endpoint with something like govalidator https://github.com/asaskevich/govalidator
with middleware approach i have to repeat same code on each of them.
Is there a way to have a generic middleware?

[peterbourgon]

If you want to validate the data transfer objects, e.g. a JSON type used by transport/http.DecodeRequest, then you should make the validation part of that DecodeRequestFunc. If your validation package supports arbitrary types via reflection, I guess you can pretty easily do it in a middleware style, if you want; something like

func validateMiddleware(next kithttp.DecodeRequestFunc, validate func(interface{}) error) kithttp.DecodeRequestFunc {
    return func(ctx context.Context, req *http.Request) (request interface{}, err error) {
        request, err = next(ctx, req)
        if err != nil {
            return nil, err
        }
        if err = validate(request); err != nil {
            return nil, err
        }
        return request, nil
    }
}

If you want to validate the business level request and response objects, that should be done at the service layer, probably with a service middleware. Here's an example of a LoggingMiddleware at the service layer.

Does this help?

[arsmn]

Thanks for your response and sample code.
Actually I want to validate input e.g. email, string min/max length. I don't know it should be done in service layer or upper layers.

[GrantZheng]

Thanks for your response and sample code.
Actually I want to validate input e.g. email, string min/max length. I don't know it should be done in service layer or upper layers.

It should be done in service layer.

[ngopher]

Thanks for your response and sample code.
Actually I want to validate input e.g. email, string min/max length. I don't know it should be done in service layer or upper layers.

I guess the structure validation which you are discussing, should be checked in the transport layer for each concrete implementation, or in the endpoint layer for all of the transport protocols.
We shouldn't process and pass downstream the values that may be invalid.

You have the requests model definition in the endpoint layer separately as structures which have validation tag, the validator will satisfy all of your needs.

[selmison]

Thanks for your response and sample code.
Actually I want to validate input e.g. email, string min/max length. I don't know it should be done in service layer or upper layers.

I guess this example of Uncle Bob and this article can be useful when making that decision

Naoto points out that just as Clean Architecture splits the responsibility by layers, each layer has its own validation logic.

In each layer, the system should reject the input which breaks its layer's responsibility. So the meaning of validation is differrent depending on its context.

In Application layey, as validation, we must ensure that domain objects can receive the input. We should reject the input which the domain object can't be received.

For example, when some mandatory parameters are missing, it should be rejected because the domain object has no way to receive like that parameter.