diff --git a/src/services/auth-service.ts b/src/services/auth-service.ts
index 5b54ea3679ddaf14708c0435dec9ce3ac42a78f6..09beb79a95de3660a41bcf0a425a91ffd2931ef8 100644
--- a/src/services/auth-service.ts
+++ b/src/services/auth-service.ts
@@ -4,10 +4,14 @@ import prismaClient from "../cores/db";
 import { ErrorType, StandardError } from "../errors/standard-error";
 import { hashPassword, isPasswordValid } from "../utils/password";
 import { generateAccessTokenAndFingerprint } from "../utils/token";
+import {validate} from "../validation/validation";
+import {loginSchema, signupSchema} from "../validation/auth-validation";
 
 const signup = async (
   data: Prisma.UserCreateInput,
 ): Promise<{ userId: number; username: string }> => {
+  validate(signupSchema, data);
+
   // If username already exists throw error
   if (
     (await prismaClient.user.findUnique({
@@ -39,6 +43,8 @@ const signup = async (
 };
 
 const login = async (data: { username: string; password: string }) => {
+  validate(loginSchema, data);
+
   const user = await prismaClient.user.findUnique({
     where: {
       username: data.username,
diff --git a/src/validation/auth-validation.ts b/src/validation/auth-validation.ts
new file mode 100644
index 0000000000000000000000000000000000000000..46900552460aa1eb670c67392c04d9566eadb3ed
--- /dev/null
+++ b/src/validation/auth-validation.ts
@@ -0,0 +1,16 @@
+import { z } from "zod";
+
+const signupSchema = z.object({
+    username: z.string().min(1).max(255),
+    password: z.string().min(1).max(255),
+});
+
+const loginSchema = z.object({
+    username: z.string().min(1).max(255),
+    password: z.string().min(1).max(255),
+});
+
+export {
+    signupSchema,
+    loginSchema,
+}
\ No newline at end of file