Add api validations.

pages/api/teams/[id]/index.ts

@@ -1,10 +1,11 @@
 import { Team } from '@prisma/client';
-import { NextApiRequestQueryBody } from 'lib/types';
 import { canDeleteTeam, canUpdateTeam, canViewTeam } from 'lib/auth';
-import { useAuth } from 'lib/middleware';
+import { useAuth, useValidate } from 'lib/middleware';
+import { NextApiRequestQueryBody } from 'lib/types';
 import { NextApiResponse } from 'next';
 import { methodNotAllowed, ok, unauthorized } from 'next-basics';
 import { deleteTeam, getTeamById, updateTeam } from 'queries';
+import * as yup from 'yup';
 
 export interface TeamRequestQuery {
   id: string;
@@ -15,12 +16,29 @@ export interface TeamRequestBody {
   accessCode: string;
 }
 
+const schema = {
+  GET: yup.object().shape({
+    id: yup.string().uuid().required(),
+  }),
+  POST: yup.object().shape({
+    id: yup.string().uuid().required(),
+    name: yup.string().max(50).required(),
+    accessCode: yup.string().max(50).required(),
+  }),
+  DELETE: yup.object().shape({
+    id: yup.string().uuid().required(),
+  }),
+};
+
 export default async (
   req: NextApiRequestQueryBody<TeamRequestQuery, TeamRequestBody>,
   res: NextApiResponse<Team>,
 ) => {
   await useAuth(req, res);
 
+  req.yup = schema;
+  await useValidate(req, res);
+
   const { id: teamId } = req.query;
 
   if (req.method === 'GET') {