Add api validations.

pages/api/websites/index.ts

@@ -1,11 +1,13 @@
 import { canCreateWebsite } from 'lib/auth';
 import { uuid } from 'lib/crypto';
-import { useAuth, useCors } from 'lib/middleware';
+import { useAuth, useCors, useValidate } from 'lib/middleware';
 import { NextApiRequestQueryBody, SearchFilter, WebsiteSearchFilterType } from 'lib/types';
 import { NextApiResponse } from 'next';
 import { methodNotAllowed, ok, unauthorized } from 'next-basics';
 import { createWebsite } from 'queries';
 import userWebsites from 'pages/api/users/[id]/websites';
+import * as yup from 'yup';
+import { getFilterValidation } from 'lib/yup';
 
 export interface WebsitesRequestQuery extends SearchFilter<WebsiteSearchFilterType> {}
 
@@ -15,12 +17,25 @@ export interface WebsitesRequestBody {
   shareId: string;
 }
 
+const schema = {
+  GET: yup.object().shape({
+    ...getFilterValidation(/All|Name|Domain/i),
+  }),
+  POST: yup.object().shape({
+    name: yup.string().max(100).required(),
+    domain: yup.string().max(500).required(),
+    shareId: yup.string().max(50),
+  }),
+};
+
 export default async (
   req: NextApiRequestQueryBody<WebsitesRequestQuery, WebsitesRequestBody>,
   res: NextApiResponse,
 ) => {
   await useCors(req, res);
   await useAuth(req, res);
+  req.yup = schema;
+  await useValidate(req, res);
 
   const {
     user: { id: userId },
@@ -30,7 +45,7 @@ export default async (
     req.query.id = userId;
     req.query.pageSize = 100;
 
-    return userWebsites(req, res);
+    return userWebsites(req as any, res);
   }
 
   if (req.method === 'POST') {