- For JavaScript: Use `express.Router()` to modularize routes into separate files — mount with `app.use('/api/users', usersRouter)`.
- Always pass errors to `next(err)` — define a centralized error handler as the last middleware: `app.use((err, req, res, next) => {})`.
- Use `express.json()` and `express.urlencoded()` middleware at the top of the stack for automatic body parsing.
- Validate request input with a schema library (Zod, Joi) in middleware — never trust `req.body`, `req.params`, or `req.query` directly.
- For JavaScript: Always pass errors to `next(err)` — never swallow errors or let them crash the process.
- Use a centralized error handler as the last middleware: `app.use((err, req, res, next) => { ... })`.
- Validate request bodies with a schema library (Zod, Joi) in middleware before handlers.
- Use `express.json()` and `express.urlencoded()` for body parsing. Set size limits.
- Use `helmet` for security headers and `cors` for CORS configuration.
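
The validation-in-middleware, `next(err)` and centralized error handler rules above, combined in one added example (not code from the original page). It has no dependencies so it runs offline: `userSchema` is a hand-rolled stand-in for a Zod or Joi schema, and `validate`, `httpError`, `errorHandler` and `run` are hypothetical names, with `run` a constructed harness in place of a real Express app.

```javascript
// Added example; dependency-free, all names hypothetical.
// userSchema stands in for a Zod/Joi schema: field -> predicate.
const userSchema = {
  email: (v) => typeof v === 'string' && v.length <= 254 && /^[^@\s]+@[^@\s]+$/.test(v),
  age: (v) => Number.isInteger(v) && v >= 0 && v <= 150,
};
const httpError = (status, message, issues) => Object.assign(new Error(message), { status, issues });

// Middleware factory: checks req[source] against the schema, forwards failures via next(err).
function validate(schema, source = 'body') {
  return (req, res, next) => {
    const input = req[source];
    if (input === null || typeof input !== 'object' || Array.isArray(input)) {
      return next(httpError(400, 'Validation failed', [`${source} must be an object`]));
    }
    const issues = Object.keys(input)
      .filter((k) => !Object.prototype.hasOwnProperty.call(schema, k))
      .map((k) => `unexpected field: ${k}`);
    const clean = {};
    for (const [key, check] of Object.entries(schema)) {
      if (check(input[key])) clean[key] = input[key];
      else issues.push(`invalid field: ${key}`);
    }
    if (issues.length) return next(httpError(400, 'Validation failed', issues));
    req.validated = clean; // handlers read this copy, never req.body directly
    next();
  };
}

// Centralized error handler (four arguments), registered last: app.use(errorHandler).
function errorHandler(err, req, res, next) {
  const status = Number.isInteger(err.status) && err.status >= 400 && err.status < 600 ? err.status : 500;
  // 4xx responses carry validation detail; 5xx responses stay generic.
  const body = status < 500 ? { error: err.message, issues: err.issues || [] } : { error: 'Internal Server Error' };
  res.status(status).json(body);
}

// Constructed harness imitating how Express walks a stack and routes next(err).
function run(stack, req) {
  const res = { statusCode: 200, body: null };
  res.status = (code) => { res.statusCode = code; return res; };
  res.json = (payload) => { res.body = payload; return res; };
  let i = 0;
  const next = (err) => {
    if (err) return errorHandler(err, req, res, next);
    const fn = stack[i++];
    if (fn) { try { fn(req, res, next); } catch (e) { next(e); } }
  };
  next();
  return res;
}
```

In a real app the same two functions plug in as `router.post('/', validate(userSchema), handler)` and `app.use(errorHandler)` after all routes.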