Server-side validation of values in offchain API

[monitz87]

Right now offchain merely validates that the values sent to its API by the client are of the correct type. It would be better to implement validation of the values as well. While the ddos middleware and signature verification already protect the app from the majority of potential attacks, theoretically (although this is very unlikely) somebody could still slowly pollute our database with gibberish. These validations would also grant further insurance against changes in the client that may break the API in obscure ways.