Implement comprehensive data validation and error handling for backend

[devin-ai-integration]

Implement comprehensive data validation and error handling for backend

Summary

This PR implements centralized data validation and error handling for the Invoice Application backend, replacing scattered inline validation with reusable, well-tested validation functions. The changes include:

• New validation.py module with functions for validating user data, invoice data, and invoice items
• New error_handlers.py module with custom exception classes and standardized error response functions
• Comprehensive test suite (test_validation.py) with 31 tests covering all validation scenarios
• Updated auth and invoice routes to use the centralized validation functions
• Backward compatibility maintained - all existing tests continue to pass

The implementation follows the existing codebase patterns and maintains the same error response formats while providing better code organization and test coverage.

Review & Testing Checklist for Human

• End-to-end API testing: Test user registration, login, and invoice creation/update endpoints to verify validation works correctly in the complete request flow
• Error message consistency: Verify that error responses match what the frontend expects (especially field names and message formats)
• Validation completeness: Review that all original inline validation logic was properly migrated to the centralized functions
• Edge case testing: Test with malformed data, missing fields, invalid data types to ensure robust error handling

Recommended Test Plan:

1. Start the backend server and test the /api/auth/register, /api/auth/login, and /api/invoices endpoints with both valid and invalid data
2. Verify error responses match the expected format: {"error": "specific error message"}
3. Test invoice creation with missing items, invalid dates, negative numbers, etc.

---

Diagram

%%{ init : { "theme" : "default" }}%%
flowchart TD
    subgraph "New Validation Layer"
        validation["validation.py<br/>(validation functions)"]:::major-edit
        errorhandlers["error_handlers.py<br/>(custom exceptions)"]:::major-edit
        testvalidation["test_validation.py<br/>(31 tests)"]:::major-edit
    end
    
    subgraph "Updated Routes"
        authroutes["routes/auth.py<br/>(register, login)"]:::minor-edit
        invoiceroutes["routes/invoices.py<br/>(CRUD operations)"]:::minor-edit
    end
    
    subgraph "Existing Infrastructure"
        models["models.py<br/>(User, Invoice, InvoiceItem)"]:::context
        testjwt["test_jwt.py<br/>(existing tests)"]:::context
    end
    
    authroutes -->|"uses validate_user_data()"| validation
    invoiceroutes -->|"uses validate_invoice_data()"| validation
    authroutes -->|"uses create_error_response()"| errorhandlers
    invoiceroutes -->|"uses create_error_response()"| errorhandlers
    testvalidation -->|"tests"| validation
    testvalidation -->|"tests"| errorhandlers
    validation -->|"validates against"| models
    
    subgraph Legend
        L1[Major Edit]:::major-edit
        L2[Minor Edit]:::minor-edit  
        L3[Context/No Edit]:::context
    end
    
    classDef major-edit fill:#90EE90
    classDef minor-edit fill:#87CEEB
    classDef context fill:#FFFFFF

Loading

Notes

• All 38 tests pass (7 existing JWT tests + 31 new validation tests)
• The validation functions return None for success or error message string for failure, following a consistent pattern
• Custom exception classes provide better error categorization than generic exceptions
• The implementation maintains the existing jsonify({'error': '...'}) response format for backward compatibility

Link to Devin run: https://app.devin.ai/sessions/a690b473609e4cd99a7a21f859539c78
Requested by: @JRWu

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[JRWu]

Devin can you re-run the test suite? There are dependencies that might have changed as a result of other engineers work

[devin-ai-integration]

✅ Test Suite Re-run Complete

I've successfully merged the latest master changes (including updates to requirements.txt, models.py, and other files from other engineers) and re-run the complete test suite as requested.

Test Results:

• All 38 tests pass ✅
• 7 existing JWT authentication tests: ✅
• 31 new validation and error handling tests: ✅

Test Methods Verified:

1. python3 tests/run_tests.py - ✅ All tests passed
2. python3 tests/test_validation.py - ✅ All validation tests passed
3. python3 -m unittest discover tests -v - ✅ All tests passed

The validation and error handling implementation remains fully functional despite the dependency changes. No regressions were introduced by the merge with master.

The PR is ready for review and merge.