Add input validation to server actions for security

## Description

Server actions handling sensitive user data (email, password) currently lack proper input validation, relying only on client-side validation which can be bypassed.

## Affected Files
- `apps/web/src/app/signup/action.ts`
- `apps/web/src/app/signin/action.ts` 
- `apps/web/src/app/reset/action.ts`

## Security Concern
The current implementation uses type casting without validation:
- Email format validation is missing
- Password complexity requirements are not enforced server-side
- Input sanitization is not performed

This creates a security vulnerability where malformed or malicious input could be processed.

## Context
This issue was identified during code review and acknowledged with a comment in the code stating 'in practice, you should validate your inputs' but the validation is not implemented.

## References
- PR: https://github.com/daemon-node-byte/MysticalRealms/pull/65
- Comment: https://github.com/daemon-node-byte/MysticalRealms/pull/65#discussion_r2157171979
- Requested by: @daemon-node-byte

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add input validation to server actions for security #69

Description

Affected Files

Security Concern

Context

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Add input validation to server actions for security #69

Description

Description

Affected Files

Security Concern

Context

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions