Express.js Cheatsheet

Routes, middleware, request/response, error handling & patterns

Framework
🔍
Contents
Setup Routing Middleware Request Response Error Handling Static & Templates
πŸš€

Setup

// Install
npm init -y
npm install express

// Basic server
const express = require('express');
const app = express();

app.use(express.json());              // parse JSON body
app.use(express.urlencoded({ extended: true }));

app.listen(3000, () =>
    console.log('Server on port 3000'));
πŸ—ΊοΈ

Routing

app.get('/', (req, res) => res.send('Hello'));
app.post('/users', (req, res) => { });
app.put('/users/:id', (req, res) => { });
app.delete('/users/:id', (req, res) => { });
app.patch('/users/:id', (req, res) => { });

// Route params
app.get('/users/:id', (req, res) => {
    const { id } = req.params;
});

// Router
const router = express.Router();
router.get('/', (req, res) => { });
router.post('/', (req, res) => { });
app.use('/api/users', router);

// Route chaining
app.route('/books')
    .get((req, res) => { })
    .post((req, res) => { });
πŸ”§

Middleware

// Application-level
app.use((req, res, next) => {
    console.log(`${req.method} ${req.url}`);
    next();
});

// Route-specific
const auth = (req, res, next) => {
    if (!req.headers.authorization)
        return res.status(401).json({ error: 'Unauthorized' });
    next();
};
app.get('/secret', auth, (req, res) => { });

// Third-party
const cors = require('cors');
const morgan = require('morgan');
app.use(cors());
app.use(morgan('dev'));
πŸ“₯

Request

req.params         // route params  /users/:id
req.query          // query string  ?page=2
req.body           // parsed body (JSON / form)
req.headers        // request headers
req.method         // GET, POST, ...
req.url            // request URL
req.path           // URL path only
req.cookies        // (with cookie-parser)
req.ip             // client IP
req.get('Content-Type')  // header value
πŸ“€

Response

res.send('text')             // send text
res.json({ key: 'value' })   // send JSON
res.status(201).json(obj)    // status + JSON
res.redirect('/login')       // redirect
res.render('view', { data })  // render template
res.sendFile(path)            // send file
res.download(path)            // force download
res.cookie('name', 'val')    // set cookie
res.clearCookie('name')      // clear cookie
res.set('X-Custom', 'val')   // set header
❌

Error Handling

// Error-handling middleware (4 args)
app.use((err, req, res, next) => {
    console.error(err.stack);
    res.status(err.status || 500)
       .json({ error: err.message });
});

// Async error wrapper
const asyncHandler = (fn) => (req, res, next) =>
    Promise.resolve(fn(req, res, next)).catch(next);

app.get('/data', asyncHandler(async (req, res) => {
    const data = await fetchData();
    res.json(data);
}));

// 404 catch-all
app.use((req, res) => {
    res.status(404).json({ error: 'Not found' });
});
πŸ“

Static & Templates

// Serve static files
app.use(express.static('public'));
app.use('/assets', express.static('public'));

// Template engine (EJS)
app.set('view engine', 'ejs');
app.set('views', './views');
app.get('/', (req, res) => {
    res.render('index', { title: 'Home' });
});