Search code examples
serverreadabilityredundancy

Does adding too much validations for user inputs is a good practice while creating REST APIs

I'm building a REST api which take some inputs like id,customer_id,firstname,lastname,contact,email,updated_time,created_time. Before processing these inputs, i have added validations to check if

  • id and customer is number
  • firstname is not a null and string,
  • created and updated time are not null and empty string
  • email id is in valid format
  • contact field is number
  • check for email and contact already exist in database

And few more validations also made. But it made the code redundant and reduced code readability and maintainability. Is it a good practice to include these much validations in a single api call?

Tried making a common structure for api response. But I want to produce different error response in each conditions.

Solution

  • I don't know what programming language you're using, but most of this can be handled by a good MVC framework.

    For example using Spring MVC (Java): https://www.baeldung.com/spring-boot-bean-validation

    In that example, the author returns an HTTP response with status 400 for errors, and returns a JSON structure with the error message per field in the body.