Add input validation, error handling, and proper HTTP status codes#1
Open
devin-ai-integration[bot] wants to merge 1 commit into
Open
Add input validation, error handling, and proper HTTP status codes#1devin-ai-integration[bot] wants to merge 1 commit into
devin-ai-integration[bot] wants to merge 1 commit into
Conversation
- Add email format validation using Pydantic EmailStr on create/update schemas
- Add name non-empty validation (strips whitespace) on create/update schemas
- Add minimum password length (6 chars) validation on create schema
- Add duplicate email check (409 Conflict) on POST /users/ and PUT /users/{user_id}
- Handle SQLAlchemy IntegrityError with rollback on create/update
- Return 201 Created on POST /users/ instead of 200
- Fix misleading route handler function names
Co-Authored-By: soya.shinkura22 <sshoinkyuraa.08.04@hotmail.co.jp>
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Hardens the user CRUD routes with missing input validation, duplicate-entry handling, and correct HTTP semantics.
Schema validation (
app/schema.py):emailfields now use PydanticEmailStr(leveragesemail-validatoralready in requirements) instead of barestrnamefields are stripped of surrounding whitespace and rejected if emptypasswordonUserCreaterequires a minimum length of 6 charactersRoute-level error handling (
main.py):POST /users/returns 201 Created instead of 200POST /users/andPUT /users/{user_id}check for duplicate emails before committing, returning 409 Conflict if the email is already takenIntegrityErroris caught with adb.rollback()as a safety net against race conditions on the unique email constraintget_user_by_email→get_user, etc.) since they operate onuser_id, not emailReview & Testing Checklist for Human
POSTa user, thenPOSTagain with the same email — confirm you get409. Do the same withPUTtargeting a different user's ID.POST /users/with a 5-char password returns a 422 validation error, and a 6-char password succeeds. Decide if 6 is the right threshold for your use case.POSTorPUTwith"name": " "— confirm it's rejected. Also confirm leading/trailing whitespace is stripped from valid names (e.g." Alice "→"Alice")."not-an-email"return 422.uvicorn main:app --reload(using Python 3.10 — pydantic v1 is incompatible with 3.12) and exercise all five CRUD endpoints to confirm nothing regressed.Notes
Link to Devin session: https://app.devin.ai/sessions/384a73385f864e4396f60815e484395a
Requested by: @SoySoy4444