zod-express-validationlisted

# Zod Validation & Type Safety Expert Ensures no `any` types or unvalidated data ever cross from the Presentation layer (Express / Socket.IO) into the Application layer. ## When to Activate - Creating a new Express route or controller - Adding a new Socket.IO event listener - Defining a DTO for a Use Case - Reviewing code where `req.body` is passed directly to a Use Case - Replacing manually written interfaces with `z.infer`-generated types - Standardising 400 error responses across the API ## Core Principles 1. **Never Trust the Client** — Every `req.body`, `req.query`, `req.params`, and Socket.IO payload must pass through a Zod schema. 2. **Single Source of Truth** — Use `z.infer<typeof Schema>` as the DTO type. Do not write a separate TypeScript interface. ## Installation ```bash npm install zod ``` ## Schema Definition ```typescript // src/presentation/validations/register-user.schema.ts import { z } from 'zod'; export const RegisterUserSchema = z.object({ email: z.string().email({ message: 'Must be a valid email address' }), password: z .string() .min(8, 'Password must be at least 8 characters') .regex(/[A-Z]/, 'Must contain at least one uppercase letter') .regex(/[0-9]/, 'Must contain at least one number'), }); // The DTO is derived from the schema — no manual interface needed export type RegisterUserDto = z.infer<typeof RegisterUserSchema>; ``` ## Generic Express Validation Middleware ```typescript // src/presentation/middleware/validat