Everything is validated now

.gitlab-ci.yml

@@ -1,6 +1,7 @@
 image: node:latest
 
 stages:
+    - setup
     - test
     - build
     - package
@@ -23,18 +24,33 @@ before_script:
     - yarn install --cache-folder .yarn --frozen-lockfile
     - cd ..
 
-test_backend:
+test_build_dto:
+    stage: setup
     cache:
         <<: *global_cache
         policy: pull-push
+    before_script: []
+    script:
+        - cd dto
+        - yarn install --frozen-lockfile
+        - yarn lint
+        - yarn build
+        - cd ..
+        - yarn install --cache-folder .yarn --frozen-lockfile
+        - yarn add ./dto
+        - cd frontend
+        - yarn install --cache-folder .yarn --frozen-lockfile
+        - yarn add ../dto
+
+
+test_backend:
+    needs: ["test_build_dto"]
     stage: test
     script:
         - yarn lint
 
 test_frontend:
-    cache:
-        <<: *global_cache
-        policy: pull-push
+    needs: ["test_build_dto"]
     stage: test
     script:
         - cd frontend

dto/.gitignore

@@ -0,0 +1,402 @@
+# Created by .ignore support plugin (hsz.mobi)
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff:
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/dictionaries
+
+# Sensitive or high-churn files:
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.xml
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+
+# Gradle:
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# CMake
+cmake-build-debug/
+
+# Mongo Explorer plugin:
+.idea/**/mongoSettings.xml
+
+## File-based project format:
+*.iws
+
+## Plugin-specific files:
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+### VisualStudio template
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+##
+## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
+
+# User-specific files
+*.suo
+*.user
+*.userosscache
+*.sln.docstates
+
+# User-specific files (MonoDevelop/Xamarin Studio)
+*.userprefs
+
+# Build results
+[Dd]ebug/
+[Dd]ebugPublic/
+[Rr]elease/
+[Rr]eleases/
+x64/
+x86/
+bld/
+[Bb]in/
+[Oo]bj/
+[Ll]og/
+
+# Visual Studio 2015 cache/options directory
+.vs/
+# Uncomment if you have tasks that create the project's static files in wwwroot
+#wwwroot/
+
+# MSTest test Results
+[Tt]est[Rr]esult*/
+[Bb]uild[Ll]og.*
+
+# NUNIT
+*.VisualState.xml
+TestResult.xml
+
+# Build Results of an ATL Project
+[Dd]ebugPS/
+[Rr]eleasePS/
+dlldata.c
+
+# Benchmark Results
+BenchmarkDotNet.Artifacts/
+
+# .NET Core
+project.lock.json
+project.fragment.lock.json
+artifacts/
+**/Properties/launchSettings.json
+
+*_i.c
+*_p.c
+*_i.h
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.tmp_proj
+*.log
+*.vspscc
+*.vssscc
+.builds
+*.pidb
+*.svclog
+*.scc
+
+# Chutzpah Test files
+_Chutzpah*
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opendb
+*.opensdf
+*.sdf
+*.cachefile
+*.VC.db
+*.VC.VC.opendb
+
+# Visual Studio profiler
+*.psess
+*.vsp
+*.vspx
+*.sap
+
+# Visual Studio Trace Files
+*.e2e
+
+# TFS 2012 Local Workspace
+$tf/
+
+# Guidance Automation Toolkit
+*.gpState
+
+# ReSharper is a .NET coding add-in
+_ReSharper*/
+*.[Rr]e[Ss]harper
+*.DotSettings.user
+
+# JustCode is a .NET coding add-in
+.JustCode
+
+# TeamCity is a build add-in
+_TeamCity*
+
+# DotCover is a Code Coverage Tool
+*.dotCover
+
+# AxoCover is a Code Coverage Tool
+.axoCover/*
+!.axoCover/settings.json
+
+# Visual Studio code coverage results
+*.coverage
+*.coveragexml
+
+# NCrunch
+_NCrunch_*
+.*crunch*.local.xml
+nCrunchTemp_*
+
+# MightyMoose
+*.mm.*
+AutoTest.Net/
+
+# Web workbench (sass)
+.sass-cache/
+
+# Installshield output folder
+[Ee]xpress/
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish/
+
+# Publish Web Output
+*.[Pp]ublish.xml
+*.azurePubxml
+# Note: Comment the next line if you want to checkin your web deploy settings,
+# but database connection strings (with potential passwords) will be unencrypted
+*.pubxml
+*.publishproj
+
+# Microsoft Azure Web App publish settings. Comment the next line if you want to
+# checkin your Azure Web App publish settings, but sensitive information contained
+# in these scripts will be unencrypted
+PublishScripts/
+
+# NuGet Packages
+*.nupkg
+# The packages folder can be ignored because of Package Restore
+**/[Pp]ackages/*
+# except build/, which is used as an MSBuild target.
+!**/[Pp]ackages/build/
+# Uncomment if necessary however generally it will be regenerated when needed
+#!**/[Pp]ackages/repositories.config
+# NuGet v3's project.json files produces more ignorable files
+*.nuget.props
+*.nuget.targets
+
+# Microsoft Azure Build Output
+csx/
+*.build.csdef
+
+# Microsoft Azure Emulator
+ecf/
+rcf/
+
+# Windows Store app package directories and files
+AppPackages/
+BundleArtifacts/
+Package.StoreAssociation.xml
+_pkginfo.txt
+*.appx
+
+# Visual Studio cache files
+# files ending in .cache can be ignored
+*.[Cc]ache
+# but keep track of directories ending in .cache
+!*.[Cc]ache/
+
+# Others
+ClientBin/
+~$*
+*~
+*.dbmdl
+*.dbproj.schemaview
+*.jfm
+*.pfx
+*.publishsettings
+orleans.codegen.cs
+
+# Since there are multiple workflows, uncomment next line to ignore bower_components
+# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
+#bower_components/
+
+# RIA/Silverlight projects
+Generated_Code/
+
+# Backup & report files from converting an old project file
+# to a newer Visual Studio version. Backup files are not needed,
+# because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+UpgradeLog*.htm
+
+# SQL Server files
+*.mdf
+*.ldf
+*.ndf
+
+# Business Intelligence projects
+*.rdl.data
+*.bim.layout
+*.bim_*.settings
+
+# Microsoft Fakes
+FakesAssemblies/
+
+# GhostDoc plugin setting file
+*.GhostDoc.xml
+
+# Node.js Tools for Visual Studio
+.ntvs_analysis.dat
+node_modules/
+
+# Typescript v1 declaration files
+typings/
+
+# Visual Studio 6 build log
+*.plg
+
+# Visual Studio 6 workspace options file
+*.opt
+
+# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
+*.vbw
+
+# Visual Studio LightSwitch build output
+**/*.HTMLClient/GeneratedArtifacts
+**/*.DesktopClient/GeneratedArtifacts
+**/*.DesktopClient/ModelManifest.xml
+**/*.Server/GeneratedArtifacts
+**/*.Server/ModelManifest.xml
+_Pvt_Extensions
+
+# Paket dependency manager
+.paket/paket.exe
+paket-files/
+
+# FAKE - F# Make
+.fake/
+
+# JetBrains Rider
+.idea/
+*.sln.iml
+
+# IDE - VSCode
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+
+# CodeRush
+.cr/
+
+# Python Tools for Visual Studio (PTVS)
+__pycache__/
+*.pyc
+
+# Cake - Uncomment if you are using it
+# tools/**
+# !tools/packages.config
+
+# Tabs Studio
+*.tss
+
+# Telerik's JustMock configuration file
+*.jmconfig
+
+# BizTalk build output
+*.btp.cs
+*.btm.cs
+*.odx.cs
+*.xsd.cs
+
+# OpenCover UI analysis results
+OpenCover/
+coverage/
+
+### macOS template
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+=======
+# Local
+.env
+dist
+lib
+
+files
+sqlite.db

dto/package.json

@@ -2,13 +2,18 @@
     "name": "dto",
     "private": true,
     "version": "1.0.0",
-    "main": "src/index.ts",
+    "main": "lib/index.js",
+    "types": "lib/index.d.ts",
+    "files": [
+        "/lib"
+    ],
     "dependencies": {
         "class-transformer": "^0.5.1",
         "class-validator": "^0.13.2"
     },
     "scripts": {
-        "lint": "eslint \"src/**/*.ts\" && tsc --no-emit",
-        "lint-fix": "eslint \"src/**/*.ts\" --fix"
+        "lint": "eslint \"src/**/*.ts\" && tsc --noEmit",
+        "lint-fix": "eslint \"src/**/*.ts\" --fix",
+        "build": "tsc"
     }
 }

dto/src/index.ts

@@ -1,2 +1,3 @@
 export * as Requests from './requests';
 export * as Responses from './responses';
+export { validateSync, validateAsync, validateAsyncInline } from './utils';

dto/src/requests/auth.ts

@@ -1,14 +1,36 @@
 import { BaseRequest } from './base';
-import { IsEmail, IsNotEmpty } from 'class-validator';
+import {
+	IsBoolean,
+	IsEmail,
+	IsNotEmpty,
+	IsOptional,
+	IsString
+} from 'class-validator';
 
-export class AuthSignUpRequest extends BaseRequest {
+export class SignUpRequest extends BaseRequest {
 	@IsEmail()
 	username: string;
 
 	@IsNotEmpty()
+	@IsString()
 	password: string;
 }
 
-export class AuthLoginRequest extends AuthSignUpRequest {
+export class LoginRequest extends SignUpRequest {
+	@IsOptional()
+	@IsNotEmpty()
+	@IsString()
 	otp?: string;
 }
+
+export class TfaComplete extends BaseRequest {
+	@IsNotEmpty()
+	@IsString()
+	code: string;
+}
+
+export class TfaSetup extends BaseRequest {
+	@IsNotEmpty()
+	@IsBoolean()
+	mail: boolean;
+}

dto/src/requests/fs.ts

@@ -1,7 +1,5 @@
 import { BaseRequest } from './base';
-import { IsInt, IsNotEmpty, Min } from 'class-validator';
-
-export type CreateFileRequest = CreateFolderRequest;
+import { IsInt, IsNotEmpty, IsString, Min } from 'class-validator';
 
 export class CreateFolderRequest extends BaseRequest {
 	@IsInt()
@@ -9,6 +7,7 @@ export class CreateFolderRequest extends BaseRequest {
 	parent: number;
 
 	@IsNotEmpty()
+	@IsString()
 	name: string;
 }
 
@@ -17,3 +16,5 @@ export class DeleteRequest extends BaseRequest {
 	@Min(1)
 	node: number;
 }
+
+export class CreateFileRequest extends CreateFolderRequest {}

dto/src/responses/auth.ts

@@ -1,20 +1,27 @@
 import { SuccessResponse } from './base';
 import { IsBase32, IsJWT, IsNotEmpty } from 'class-validator';
+import { ValidateConstructor } from '../utils';
 
-export type TfaRequiredResponse = SuccessResponse;
-export type RemoveTfaResponse = SuccessResponse;
-export type RequestEmailTfaResponse = SuccessResponse;
-export type TfaCompletedResponse = SuccessResponse;
-export type SignupResponse = SuccessResponse;
-export type RefreshResponse = LoginResponse;
-
+@ValidateConstructor
 export class LoginResponse extends SuccessResponse {
+	constructor(jwt: string) {
+		super();
+		this.jwt = jwt;
+	}
+
 	@IsNotEmpty()
 	@IsJWT()
 	jwt: string;
 }
 
+@ValidateConstructor
 export class RequestTotpTfaResponse extends SuccessResponse {
+	constructor(qrCode: string, secret: string) {
+		super();
+		this.qrCode = qrCode;
+		this.secret = secret;
+	}
+
 	@IsNotEmpty()
 	qrCode: string;
 
@@ -22,3 +29,10 @@ export class RequestTotpTfaResponse extends SuccessResponse {
 	@IsBase32()
 	secret: string;
 }
+
+export class TfaRequiredResponse extends SuccessResponse {}
+export class RemoveTfaResponse extends SuccessResponse {}
+export class RequestEmailTfaResponse extends SuccessResponse {}
+export class TfaCompletedResponse extends SuccessResponse {}
+export class SignupResponse extends SuccessResponse {}
+export class RefreshResponse extends LoginResponse {}

dto/src/responses/fs.ts

@@ -1,17 +1,39 @@
 import { SuccessResponse } from './base';
-import { IsBoolean, IsInt, IsNotEmpty, Min } from 'class-validator';
-
-export type UploadFileResponse = SuccessResponse;
-export type DeleteResponse = SuccessResponse;
-export type CreateFileResponse = CreateFolderResponse;
+import {
+	IsBoolean,
+	IsInt,
+	IsNotEmpty,
+	IsOptional,
+	IsString,
+	Min
+} from 'class-validator';
+import { ValidateConstructor } from '../utils';
 
+@ValidateConstructor
 export class GetRootResponse extends SuccessResponse {
+	constructor(rootId: number) {
+		super();
+		this.rootId = rootId;
+	}
 	@IsInt()
 	@Min(1)
 	rootId: number;
 }
 
 export class GetNodeResponse extends SuccessResponse {
+	constructor(
+		id: number,
+		name: string,
+		isFile: boolean,
+		parent: number | null
+	) {
+		super();
+		this.id = id;
+		this.name = name;
+		this.isFile = isFile;
+		this.parent = parent;
+	}
+
 	@IsInt()
 	@Min(1)
 	id: number;
@@ -22,22 +44,46 @@ export class GetNodeResponse extends SuccessResponse {
 	@IsBoolean()
 	isFile: boolean;
 
+	@IsOptional()
+	@IsInt()
+	@Min(1)
 	parent: number | null;
 
+	@IsOptional()
 	@IsInt({ each: true })
 	@Min(1, { each: true })
 	children?: number[];
 
+	@IsOptional()
+	@IsInt()
+	@Min(0)
 	size?: number;
 }
 
+@ValidateConstructor
 export class GetPathResponse extends SuccessResponse {
+	constructor(path: string) {
+		super();
+		this.path = path;
+	}
+
 	@IsNotEmpty()
+	@IsString()
 	path: string;
 }
 
+@ValidateConstructor
 export class CreateFolderResponse extends SuccessResponse {
+	constructor(id: number) {
+		super();
+		this.id = id;
+	}
+
 	@IsInt()
 	@Min(1)
 	id: number;
 }
+
+export class UploadFileResponse extends SuccessResponse {}
+export class DeleteResponse extends SuccessResponse {}
+export class CreateFileResponse extends CreateFolderResponse {}

dto/src/utils.ts

@@ -0,0 +1,35 @@
+import { validate, validateSync as _validateSync } from 'class-validator';
+
+export function validateSync<T extends object>(data: T): void {
+	const errors = _validateSync(data);
+	if (errors.length > 0) {
+		console.error('Validation failed, errors: ', errors);
+		throw new Error('Validation failed');
+	}
+}
+
+export async function validateAsync<T extends object>(data: T): Promise<void> {
+	const errors = await validate(data);
+	if (errors.length > 0) {
+		console.error('Validation failed, errors: ', errors);
+		throw new Error('Validation failed');
+	}
+}
+
+export async function validateAsyncInline<T extends object>(
+	data: T
+): Promise<T> {
+	await validateAsync(data);
+	return data;
+}
+
+export function ValidateConstructor<T extends { new (...args: any[]): any }>(
+	constr: T
+) {
+	return class extends constr {
+		constructor(...args: any[]) {
+			super(...args);
+			validateSync(this);
+		}
+	};
+}

dto/tsconfig.json

@@ -1,18 +1,18 @@
 {
 	"compilerOptions": {
 		"module": "commonjs",
-		"declaration": false,
+		"declaration": true,
 		"removeComments": true,
 		"emitDecoratorMetadata": true,
 		"experimentalDecorators": true,
 		"allowSyntheticDefaultImports": true,
 		"target": "es2017",
 		"sourceMap": true,
-		"outDir": "./dist",
+		"outDir": "./lib",
 		"baseUrl": "./src",
 		"incremental": true,
 		"skipLibCheck": true,
 		"strictPropertyInitialization": false
 	},
-	"exclude": ["node_modules", "dist"]
+	"exclude": ["node_modules", "lib"]
 }

frontend/src/api/auth.ts

@@ -9,7 +9,7 @@ export const auth_login = (
 	| Responses.Auth.TfaRequiredResponse
 	| Responses.ErrorResponse
 > =>
-	post<Requests.Auth.AuthLoginRequest>('/api/auth/login', {
+	post<Requests.Auth.LoginRequest>('/api/auth/login', {
 		username: username,
 		password: password,
 		otp: otp
@@ -19,7 +19,7 @@ export const auth_signup = (
 	username: string,
 	password: string
 ): Promise<Responses.Auth.SignupResponse | Responses.ErrorResponse> =>
-	post<Requests.Auth.AuthSignUpRequest>('/api/auth/signup', {
+	post<Requests.Auth.SignUpRequest>('/api/auth/signup', {
 		username: username,
 		password: password
 	});

frontend/src/api/base.ts

@@ -1,7 +1,6 @@
 import axios from 'axios';
 import { Requests, Responses } from 'dto';
 export { Requests, Responses };
-import { validateSync } from 'class-validator';
 
 export const post = <T extends Requests.BaseRequest>(url: string, data: T) =>
 	axios
@@ -11,17 +10,12 @@ export const post = <T extends Requests.BaseRequest>(url: string, data: T) =>
 		.then((res) => res.data)
 		.catch((err) => err.response.data);
 
-export function post_token<T extends Requests.BaseRequest>(
+export const post_token = <T extends Requests.BaseRequest>(
 	url: string,
 	data: T,
 	token: string
-) {
-	const errors = validateSync(data);
-	if (errors.length > 0) {
-		console.error('Validation failed, errors: ', errors);
-		throw new Error('Validation failed');
-	}
-	return axios
+) =>
+	axios
 		.post(url, data, {
 			headers: {
 				Authorization: 'Bearer ' + token,
@@ -30,7 +24,6 @@ export function post_token<T extends Requests.BaseRequest>(
 		})
 		.then((res) => res.data)
 		.catch((err) => err.response.data);
-}
 
 export const post_token_form = (
 	url: string,

src/controller/auth.ts

@@ -4,18 +4,18 @@ import {
 	Controller,
 	Get,
 	HttpCode,
-	ParseBoolPipe,
 	Post,
 	Query,
 	Redirect,
 	Request,
 	UnauthorizedException,
-	UseGuards
+	UseGuards,
+	ValidationPipe
 } from '@nestjs/common';
 import { AuthService } from '../services/auth';
 import { AuthGuard } from '@nestjs/passport';
 import { Public } from '../authguards';
-import { Responses } from 'dto';
+import { Responses, Requests } from 'dto';
 import { tfaTypes } from '../entities';
 import { toDataURL } from 'qrcode';
 import * as base32 from 'thirty-two';
@@ -30,25 +30,22 @@ export default class AuthController {
 	@HttpCode(200)
 	async login(
 		@Request() req,
-		@Body('otp') otp?: string
+		@Body(new ValidationPipe()) data: Requests.Auth.LoginRequest
 	): Promise<
 		Responses.Auth.LoginResponse | Responses.Auth.TfaRequiredResponse
 	> {
 		if (this.authService.requiresTfa(req.user)) {
-			if (!otp) {
+			if (!data.otp) {
 				if (req.user.tfaType == tfaTypes.EMAIL)
 					await this.authService.sendTfaMail(req.user);
-				return {
-					statusCode: 200
-				};
+				return new Responses.Auth.TfaRequiredResponse();
 			}
-			if (!(await this.authService.verifyTfa(req.user, otp)))
+			if (!(await this.authService.verifyTfa(req.user, data.otp)))
 				throw new UnauthorizedException('Incorrect 2fa');
 		}
-		return {
-			statusCode: 200,
-			jwt: await this.authService.login(req, req.user)
-		};
+		return new Responses.Auth.LoginResponse(
+			await this.authService.login(req, req.user)
+		);
 	}
 
 	async tfa(
@@ -61,73 +58,61 @@ export default class AuthController {
 		}
 		await this.authService.setTfaType(req.user, type);
 		await this.authService.revokeAll(req.user);
-		return {
-			statusCode: 200
-		};
+		return new Responses.Auth.TfaCompletedResponse();
 	}
 
 	@Post('2fa/complete/mail')
 	async tfaMail(
 		@Request() req,
-		@Body('code') code: string
+		@Body(new ValidationPipe()) data: Requests.Auth.TfaComplete
 	): Promise<Responses.Auth.TfaCompletedResponse> {
-		return await this.tfa(req, code, tfaTypes.EMAIL);
+		return await this.tfa(req, data.code, tfaTypes.EMAIL);
 	}
 
 	@Post('2fa/complete/totp')
 	async tfaTotp(
 		@Request() req,
-		@Body('code') code: string
+		@Body(new ValidationPipe()) data: Requests.Auth.TfaComplete
 	): Promise<Responses.Auth.TfaCompletedResponse> {
-		return await this.tfa(req, code, tfaTypes.TOTP);
+		return await this.tfa(req, data.code, tfaTypes.TOTP);
 	}
 
 	@Get('2fa/setup')
 	async setupTotp(
 		@Request() req,
-		@Body('mail', ParseBoolPipe) mail: boolean
+		@Body(new ValidationPipe()) data: Requests.Auth.TfaSetup
 	): Promise<
 		| Responses.Auth.RequestTotpTfaResponse
 		| Responses.Auth.RequestEmailTfaResponse
 	> {
 		const secret = await this.authService.setupTfa(req.user);
-		if (mail)
-			return {
-				statusCode: 200
-			};
-		return {
-			statusCode: 200,
-			qrCode: await toDataURL(
+		if (data.mail) return new Responses.Auth.RequestEmailTfaResponse();
+		return new Responses.Auth.RequestTotpTfaResponse(
+			await toDataURL(
 				`otpauth://totp/MFileserver:${req.user.name}?secret=${base32
 					.encode(secret)
 					.toString()}&issuer=MFileserver`
 			),
 			secret
-		};
+		);
 	}
 
 	@Public()
 	@Post('signup')
 	async signup(
-		@Body('username') username,
-		@Body('password') password
+		@Body(new ValidationPipe()) data: Requests.Auth.SignUpRequest
 	): Promise<Responses.Auth.SignupResponse> {
-		if ((await this.authService.findUser(username, false)) != null)
+		if ((await this.authService.findUser(data.username, false)) != null)
 			throw new BadRequestException('Username already taken');
-		await this.authService.signup(username, password);
-		return {
-			statusCode: 200
-		};
+		await this.authService.signup(data.username, data.password);
+		return new Responses.Auth.SignupResponse();
 	}
 
 	@Post('refresh')
 	async refresh(@Request() req): Promise<Responses.Auth.RefreshResponse> {
 		const token = await this.authService.login(req, req.user);
 		await this.authService.revoke(req.token);
-		return {
-			statusCode: 200,
-			jwt: token
-		};
+		return await new Responses.Auth.RefreshResponse(token);
 	}
 
 	@Public()

src/controller/filesystem.ts

@@ -6,9 +6,10 @@ import {
 	ParseIntPipe,
 	Post,
 	Request,
-	StreamableFile
+	StreamableFile,
+	ValidationPipe
 } from '@nestjs/common';
-import { Responses } from 'dto';
+import { Responses, Requests, validateAsyncInline } from 'dto';
 import FileSystemService from '../services/filesystem';
 import { UserRole } from '../entities';
 import { Role } from '../authguards';
@@ -20,10 +21,7 @@ export default class FileSystemController {
 	@Get('root')
 	@Role(UserRole.USER)
 	async getRoot(@Request() req): Promise<Responses.FS.GetRootResponse> {
-		return {
-			statusCode: 200,
-			rootId: req.user.rootId
-		};
+		return new Responses.FS.GetRootResponse(req.user.rootId);
 	}
 
 	@Get('node/:node')
@@ -33,19 +31,19 @@ export default class FileSystemController {
 		@Param('node', ParseIntPipe) nodeId
 	): Promise<Responses.FS.GetNodeResponse> {
 		const node = await this.fsService.getNodeAndValidate(nodeId, req.user);
-		const data: Responses.FS.GetNodeResponse = {
-			id: nodeId,
-			statusCode: 200,
-			name: node.name,
-			parent: node.parentId,
-			isFile: node.isFile
-		};
+		const data = new Responses.FS.GetNodeResponse(
+			nodeId,
+			node.name,
+			node.isFile,
+			node.parentId
+		);
+
 		if (data.isFile) {
 			data.size = node.size;
 		} else {
 			data.children = (await node.children).map((child) => child.id);
 		}
-		return data;
+		return validateAsyncInline(data);
 	}
 
 	@Get('path/:node')
@@ -54,62 +52,53 @@ export default class FileSystemController {
 		@Request() req,
 		@Param('node', ParseIntPipe) nodeId
 	): Promise<Responses.FS.GetPathResponse> {
-		return {
-			statusCode: 200,
-			path: await this.fsService.generatePath(
+		return new Responses.FS.GetPathResponse(
+			await this.fsService.generatePath(
 				await this.fsService.getNodeAndValidate(nodeId, req.user)
 			)
-		};
+		);
 	}
 
 	@Post('createFolder')
 	@Role(UserRole.USER)
 	async createFolder(
 		@Request() req,
-		@Body('parent', ParseIntPipe) parent,
-		@Body('name') name
+		@Body(new ValidationPipe()) data: Requests.FS.CreateFolderRequest
 	): Promise<Responses.FS.CreateFolderResponse> {
 		const newChild = await this.fsService.create(
-			await this.fsService.getNodeAndValidate(parent, req.user),
-			name,
+			await this.fsService.getNodeAndValidate(data.parent, req.user),
+			data.name,
 			req.user,
 			false
 		);
-		return {
-			statusCode: 200,
-			id: newChild.id
-		};
+		return new Responses.FS.CreateFolderResponse(newChild.id);
 	}
 
 	@Post('createFile')
 	@Role(UserRole.USER)
 	async createFile(
 		@Request() req,
-		@Body('parent', ParseIntPipe) parent,
-		@Body('name') name
+		@Body(new ValidationPipe()) data: Requests.FS.CreateFileRequest
 	): Promise<Responses.FS.CreateFileResponse> {
 		const newChild = await this.fsService.create(
-			await this.fsService.getNodeAndValidate(parent, req.user),
-			name,
+			await this.fsService.getNodeAndValidate(data.parent, req.user),
+			data.name,
 			req.user,
 			true
 		);
-		return {
-			statusCode: 200,
-			id: newChild.id
-		};
+		return new Responses.FS.CreateFileResponse(newChild.id);
 	}
 
 	@Post('delete')
 	@Role(UserRole.USER)
 	async delete(
 		@Request() req,
-		@Body('node', ParseIntPipe) node_id
+		@Body(new ValidationPipe()) data: Requests.FS.DeleteRequest
 	): Promise<Responses.FS.DeleteResponse> {
 		await this.fsService.delete(
-			await this.fsService.getNodeAndValidate(node_id, req.user)
+			await this.fsService.getNodeAndValidate(data.node, req.user)
 		);
-		return { statusCode: 200 };
+		return new Responses.FS.DeleteResponse();
 	}
 
 	@Post('upload/:node')
@@ -119,7 +108,7 @@ export default class FileSystemController {
 		@Param('node', ParseIntPipe) nodeId
 	): Promise<Responses.FS.UploadFileResponse> {
 		await this.fsService.uploadFile(await req.file(), nodeId, req.user);
-		return { statusCode: 200 };
+		return new Responses.FS.UploadFileResponse();
 	}
 
 	@Post('download')