feat(dto): enforce field length constraints across DTOs

Add `@MaxLength` validations to limit string field lengths in multiple DTOs, ensuring consistent data validation and integrity. Integrate `CreateApiKeyDto` in the API keys controller for improved type safety.
2026-01-14 20:41:45 +01:00
parent 5f2672021e
commit 5671ba60a6
7 changed files with 34 additions and 7 deletions
--- a/backend/src/api-keys/api-keys.controller.ts
+++ b/backend/src/api-keys/api-keys.controller.ts
@@ -11,6 +11,7 @@ import {
 import { AuthGuard } from "../auth/guards/auth.guard";
 import type { AuthenticatedRequest } from "../common/interfaces/request.interface";
 import { ApiKeysService } from "./api-keys.service";
+import { CreateApiKeyDto } from "./dto/create-api-key.dto";

@Controller("api-keys")
@UseGuards(AuthGuard)
@@ -20,13 +21,12 @@ export class ApiKeysController {
 	@Post()
 	create(
 		@Req() req: AuthenticatedRequest,
-		@Body("name") name: string,
-		@Body("expiresAt") expiresAt?: string,
+		@Body() createApiKeyDto: CreateApiKeyDto,
 	) {
 		return this.apiKeysService.create(
 			req.user.sub,
-			name,
-			expiresAt ? new Date(expiresAt) : undefined,
+			createApiKeyDto.name,
+			createApiKeyDto.expiresAt ? new Date(createApiKeyDto.expiresAt) : undefined,
 		);
 	}

--- a/backend/src/api-keys/dto/create-api-key.dto.ts
+++ b/backend/src/api-keys/dto/create-api-key.dto.ts
@@ -0,0 +1,12 @@
+import { IsDateString, IsNotEmpty, IsOptional, IsString, MaxLength } from "class-validator";
+
+export class CreateApiKeyDto {
+	@IsString()
+	@IsNotEmpty()
+	@MaxLength(128)
+	name!: string;
+
+	@IsOptional()
+	@IsDateString()
+	expiresAt?: string;
+}