Schema Validation
It is good practice to validate the data your API routes receive. A schema validation library like Zod lets you do this.
Here is an example of using Zod to validate the request body of an API route:
/app/api/user/route.js
import { NextResponse } from "next/server";
import { z } from "zod";

// Shape of the expected request body
const schema = z.object({
  email: z.string().email(),
});

export async function POST(request) {
  // request.json() throws on malformed JSON; treat that as invalid input
  const body = await request.json().catch(() => null);

  // Validate the whole body: the schema describes an object, not a bare string
  const result = schema.safeParse(body);

  if (!result.success) {
    return NextResponse.json({ error: "Invalid email" }, { status: 400 });
  }

  // Use only the parsed data from here on
  return NextResponse.json({ email: result.data.email });
}
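The validation flow of the route, run over constructed request bodies to show which inputs are rejected and why. This is an added example, not code from the original page. Zod is replaced by a small hand-written check only so the block runs without dependencies, and `parseUserBody`, `handlePost` and the simplified `EMAIL_RE` pattern are hypothetical names and assumptions.

```javascript
// Simplified email pattern (an assumption; Zod's own check differs).
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Mirrors the safeParse result shape: { success, data } or { success, error }.
function parseUserBody(rawText) {
  let body;
  try {
    body = JSON.parse(rawText);
  } catch {
    return { success: false, error: "Body is not valid JSON" };
  }
  // JSON.parse also accepts null, arrays, numbers and bare strings.
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return { success: false, error: "Body must be a JSON object" };
  }
  const { email } = body;
  if (typeof email !== "string" || email.length > 254 || !EMAIL_RE.test(email)) {
    return { success: false, error: "Invalid email" };
  }
  // Return only the validated field, so unknown keys never reach later code.
  return { success: true, data: { email } };
}

// Same flow as the route, written against the standard Request/Response objects.
async function handlePost(request) {
  const result = parseUserBody(await request.text());
  const payload = result.success ? result.data : { error: result.error };
  return new Response(JSON.stringify(payload), {
    status: result.success ? 200 : 400,
    headers: { "content-type": "application/json" },
  });
}

// Constructed sample bodies: valid, extra key, wrong type, bare string, truncated.
const samples = [
  '{"email":"user@example.com"}',
  '{"email":"user@example.com","role":"admin"}',
  '{"email":["user@example.com"]}',
  '"user@example.com"',
  '{"email":',
];
for (const s of samples) {
  console.log(s, "->", JSON.stringify(parseUserBody(s)));
}
```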