Currently, input validation for XSS and SQL injection is done field-by-field across controllers/services. This is repetitive, error-prone, and easy to miss when adding new fields.
Introduce a struct-friendly approach using custom validate tags (via go-playground/validator) that can be applied directly to DTO structs.
This centralizes sanitization logic, ensures consistent protection across all endpoints, and makes it impossible to forget validation when adding new fields to a DTO.
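An added example of the tag-driven approach proposed above (not the project's own code): it reads `validate` tags with the standard library's `reflect` package in place of go-playground/validator, where each rule would instead be registered through `RegisterValidation`. The rule names `nohtml` and `safeident`, the `CreateUserDTO` struct and `ValidateDTO` are hypothetical; string fields with no tag fail closed, so a newly added field cannot skip validation silently.

```go
package main

import (
	"fmt"
	"reflect"
	"regexp"
	"strings"
)

// Hypothetical rule names; go-playground/validator would register these via RegisterValidation.
var rules = map[string]func(string) bool{
	// nohtml rejects markup metacharacters instead of trying to strip them.
	"nohtml": func(s string) bool { return !strings.ContainsAny(s, "<>\"'`") },
	// safeident allows only identifier characters, e.g. for a sort column.
	"safeident": regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]{0,63}$`).MatchString,
}

type CreateUserDTO struct { // constructed sample DTO, not taken from the project
	DisplayName string `validate:"nohtml"`
	SortBy      string `validate:"safeident"`
	Bio         string // no tag: reported, so a new field cannot slip through
}

// ValidateDTO checks each string field against its validate tag and returns
// one message per failure. Untagged strings fail closed; "-" opts out.
func ValidateDTO(dto interface{}) []string {
	var errs []string
	v := reflect.Indirect(reflect.ValueOf(dto))
	for i := 0; i < v.NumField(); i++ {
		f, tag := v.Type().Field(i), v.Type().Field(i).Tag.Get("validate")
		if f.Type.Kind() != reflect.String || tag == "-" {
			continue
		}
		if tag == "" {
			errs = append(errs, f.Name+": missing validate tag")
			continue
		}
		for _, name := range strings.Split(tag, ",") {
			if check, ok := rules[name]; !ok {
				errs = append(errs, f.Name+": unknown rule "+name)
			} else if !check(v.Field(i).String()) {
				errs = append(errs, f.Name+": failed "+name)
			}
		}
	}
	return errs
}
func main() { // constructed input
	fmt.Println(ValidateDTO(CreateUserDTO{DisplayName: "<b>Ann</b>", SortBy: "name desc"}))
}
```

Checks like these complement parameterized queries and context-aware output encoding, which remain the primary defenses against SQL injection and XSS.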