Now we have much more comprehensive validation than before. Instead of basic existence checks, Zod validates:

  • Email format: Rejects “notanemail” but accepts “user@example.com”.
  • String length: Rejects usernames like “a” (too short) or 60-character strings (too long).
  • Data types: Rejects numbers when expecting strings, and vice versa.

Try testing your API now with invalid data to see the improved error messages

Test creating a user with invalid data:

  • Send a POST request to /users with {"username": "a", "email": "notanemail"}.

Test updating a user with an invalid ID

  • Send a PUT request to /users/abc with any valid data.

You’ll get specific feedback like:

{
  "error": "Validation failed",
  "details": ["Username must be at least 2 characters", "Must be a valid email"]
}

Instead of the generic “Username and email are required” from before.

Tags: