refactor: remove redundant validation, trust middleware and service layer

internal/handlers/auth_handler.go

@@ -124,20 +124,6 @@ func (h *AuthHandler) Register(w http.ResponseWriter, r *http.Request) {
 	password := strings.TrimSpace(req.Password)
 
 	username = security.SanitizeUsername(username)
-	if err := validation.ValidateUsername(username); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	if err := validation.ValidateEmail(email); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	if err := validation.ValidatePassword(password); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
 
 	result, err := h.authService.Register(username, email, password)
 	if err != nil {
@@ -313,11 +299,6 @@ func (h *AuthHandler) ResetPassword(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := validation.ValidatePassword(newPassword); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
 	if err := h.authService.ResetPassword(token, newPassword); err != nil {
 		switch {
 		case strings.Contains(err.Error(), "expired"):
@@ -360,10 +341,6 @@ func (h *AuthHandler) UpdateEmail(w http.ResponseWriter, r *http.Request) {
 	}
 
 	email := strings.TrimSpace(req.Email)
-	if err := validation.ValidateEmail(email); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
 
 	user, err := h.authService.UpdateEmail(userID, email)
 	if err != nil {
@@ -410,10 +387,6 @@ func (h *AuthHandler) UpdateUsername(w http.ResponseWriter, r *http.Request) {
 	}
 
 	username := strings.TrimSpace(req.Username)
-	if err := validation.ValidateUsername(username); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
 
 	user, err := h.authService.UpdateUsername(userID, username)
 	if err != nil {
@@ -457,16 +430,6 @@ func (h *AuthHandler) UpdatePassword(w http.ResponseWriter, r *http.Request) {
 	currentPassword := strings.TrimSpace(req.CurrentPassword)
 	newPassword := strings.TrimSpace(req.NewPassword)
 
-	if currentPassword == "" {
-		SendErrorResponse(w, "Current password is required", http.StatusBadRequest)
-		return
-	}
-
-	if err := validation.ValidatePassword(newPassword); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
 	user, err := h.authService.UpdatePassword(userID, currentPassword, newPassword)
 	if err != nil {
 		if strings.Contains(err.Error(), "current password is incorrect") {

internal/handlers/post_handler.go

@@ -12,7 +12,6 @@ import (
 	"goyco/internal/repositories"
 	"goyco/internal/security"
 	"goyco/internal/services"
-	"goyco/internal/validation"
 
 	"github.com/go-chi/chi/v5"
 	"github.com/jackc/pgconn"
@@ -273,16 +272,6 @@ func (h *PostHandler) UpdatePost(w http.ResponseWriter, r *http.Request) {
 	title := security.SanitizeInput(req.Title)
 	content := security.SanitizePostContent(req.Content)
 
-	if err := validation.ValidateTitle(title); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	if err := validation.ValidateContent(content); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
 	post.Title = title
 	post.Content = content
 

internal/handlers/user_handler.go

@@ -99,21 +99,6 @@ func (h *UserHandler) CreateUser(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := validation.ValidateUsername(req.Username); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	if err := validation.ValidateEmail(req.Email); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	if err := validation.ValidatePassword(req.Password); err != nil {
-		SendErrorResponse(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
 	result, err := h.authService.Register(req.Username, req.Email, req.Password)
 	if err != nil {
 		var validationErr *validation.ValidationError