Should I validate input in API or BL layer?

Question

I have a node.js application with an API, BL and DAL layers and I want to validate user input.

Currently I'm doing the validation at the beginning of BL functions so it doubles as a user input validator and an inner application validators (calls from other classes)

I'm worried it's not good practice as the validation may happen multiple times on a single API call for some functions (e.g a function that accepts userId and then sends the userId to other functions, validating the same value multiple times)

score 0 · Accepted Answer · answered Apr 22 '19 at 13:43

0

You should validate data when it comes from request to your routes using middleware:

router
  .get('/', validators.users.index, actions.users.index)

If you wish I can share the rest of the code of validation with Joi.

answered Apr 22 '19 at 13:43

Ilarion Halushka

2,083
18
13

Should I validate input in API or BL layer?

1 Answers1