🇺🇸English
Express REST API Skill
Master building robust, scalable REST APIs with Express.js, the de-facto standard for Node.js web frameworks.
Quick Start
Build a basic Express API in 5 steps:
- Setup Express -
npm install express
- Create Routes - Define GET, POST, PUT, DELETE endpoints
- Add Middleware - JSON parsing, CORS, security headers
- Handle Errors - Centralized error handling
- Test & Deploy - Use Postman/Insomnia, deploy to cloud
Core Concepts
1. Express Application Structure
const express = require('express');
const app = express();
// Middleware
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
// Routes
app.use('/api/users', userRoutes);
app.use('/api/products', productRoutes);
// Error handling
app.use(errorHandler);
app.listen(3000, () => console.log('Server running'));
2. RESTful Route Design
// GET /api/users - Get all users
// GET /api/users/:id - Get user by ID
// POST /api/users - Create user
// PUT /api/users/:id - Update user
// DELETE /api/users/:id - Delete user
const router = express.Router();
router.get('/', getAllUsers);
router.get('/:id', getUserById);
router.post('/', createUser);
router.put('/:id', updateUser);
router.delete('/:id', deleteUser);
module.exports = router;
3. Middleware Patterns
// Authentication middleware
const authenticate = (req, res, next) => {
const token = req.headers.authorization;
if (!token) return res.status(401).json({ error: 'Unauthorized' });
// Verify token...
next();
};
// Validation middleware
const validate = (schema) => (req, res, next) => {
const { error } = schema.validate(req.body);
if (error) return res.status(400).json({ error: error.message });
next();
};
// Usage
router.post('/users', authenticate, validate(userSchema), createUser);
4. Error Handling
// Custom error class
class APIError extends Error {
constructor(message, statusCode) {
super(message);
this.statusCode = statusCode;
}
}
// Global error handler
app.use((err, req, res, next) => {
const statusCode = err.statusCode || 500;
res.status(statusCode).json({
success: false,
error: err.message,
...(process.env.NODE_ENV === 'development' && { stack: err.stack })
});
});
Learning Path
Beginner (2-3 weeks)
- ✅ Setup Express and create basic routes
- ✅ Understand middleware concept
- ✅ Implement CRUD operations
- ✅ Test with Postman
Intermediate (4-6 weeks)
- ✅ Implement authentication (JWT)
- ✅ Add input validation
- ✅ Organize code (MVC pattern)
- ✅ Connect to database
Advanced (8-10 weeks)
- ✅ API versioning (
/api/v1/, /api/v2/)
- ✅ Rate limiting and security
- ✅ Pagination and filtering
- ✅ API documentation (Swagger)
- ✅ Performance optimization
Essential Packages
{
"dependencies": {
"express": "^4.18.0",
"helmet": "^7.0.0", // Security headers
"cors": "^2.8.5", // Cross-origin requests
"morgan": "^1.10.0", // HTTP logger
"express-validator": "^7.0.0", // Input validation
"express-rate-limit": "^6.0.0" // Rate limiting
}
}
Common Patterns
Response Format
// Success
{ success: true, data: {...} }
// Error
{ success: false, error: "Message" }
// Pagination
{
success: true,
data: [...],
pagination: { page: 1, limit: 10, total: 100 }
}
HTTP Status Codes
200 OK - Successful GET/PUT201 Created - Successful POST204 No Content - Successful DELETE400 Bad Request - Validation error401 Unauthorized - Auth required403 Forbidden - No permission404 Not Found - Resource not found500 Internal Error - Server error
Project Structure
src/
├── controllers/ # Route handlers
├── routes/ # Route definitions
├── middlewares/ # Custom middleware
├── models/ # Data models
├── services/ # Business logic
├── utils/ # Helpers
└── app.js # Express setup
Production Checklist
- ✅ Environment variables (.env)
- ✅ Security headers (Helmet)
- ✅ CORS configuration
- ✅ Rate limiting
- ✅ Input validation
- ✅ Error handling
- ✅ Logging (Morgan/Winston)
- ✅ Testing (Jest/Supertest)
- ✅ API documentation
Real-World Example
Complete user API:
const express = require('express');
const router = express.Router();
const { body } = require('express-validator');
// GET /api/users
router.get('/', async (req, res, next) => {
try {
const { page = 1, limit = 10 } = req.query;
const users = await User.find()
.limit(limit)
.skip((page - 1) * limit);
res.json({ success: true, data: users });
} catch (error) {
next(error);
}
});
// POST /api/users
router.post('/',
body('email').isEmail(),
body('password').isLength({ min: 8 }),
async (req, res, next) => {
try {
const user = await User.create(req.body);
res.status(201).json({ success: true, data: user });
} catch (error) {
next(error);
}
}
);
module.exports = router;
When to Use
Use Express REST API when:
- Building backend for web/mobile apps
- Creating microservices
- Developing API-first applications
- Need flexible, lightweight framework
- Want large ecosystem and community
Related Skills
- Async Programming (handle async operations)
- Database Integration (connect to MongoDB/PostgreSQL)
- JWT Authentication (secure your APIs)
- Jest Testing (test your endpoints)
- Docker Deployment (containerize your API)
Resources
Weekly Installs
380
Repository
pluginagentmark…n-nodejs
GitHub Stars
1
First Seen
Jan 20, 2026
Security Audits
Gen Agent Trust HubPassSocketPassSnykPass
Installed on
opencode320
gemini-cli317
codex309
github-copilot304
cursor269
amp260
