I have a node.js application with an API, BL and DAL layers and I want to validate user input.
Currently I'm doing the validation at the beginning of BL functions so it doubles as a user input validator and an inner application validators (calls from other classes)
I'm worried it's not good practice as the validation may happen multiple times on a single API call for some functions (e.g a function that accepts userId and then sends the userId to other functions, validating the same value multiple times)
You should validate data when it comes from request to your routes using middleware:
router
.get('/', validators.users.index, actions.users.index)
If you wish I can share the rest of the code of validation with Joi
.