In this article, Oskar Dudycz discusses the importance of validating business logic and defines the level of paranoia each software developer should have when creating a public API. Dudycz identifies potential issues in the classical 3-tiered architecture, including lack of frontend validation and changed business logic on the backend, and emphasizes the need to form a wall of control to avoid malicious actions such as data scraping. He suggests embracing the Ports & Adapters, or Hexagonal Architecture, approach to ensure full control over the data structure and meaning. Finally, he outlines his general flow for API request classes, which assumes anything can be wrong and translates data from the request to the instance of the class.
