Caleb Eby edited this page Aug 5, 2018 · 17 revisions

This is a list of small production ready modules that do one thing well for web servers.




routes is the express.js router broken out into a standalone module. You can add route handlers and you can match an url on the router to get the right route handler


routes-router uses routes but creates a function handler(req, res) {} function that you can plug into your http server. It handles error handling (optionally with domains) & 404's for you by default. This is for convenience. It's recommended you read the source code and write your own server request handler in your application.


An alternative router that is tree based and might be more efficient. It's also more flexible in how it finds the correct route handler for any given url.


http-methods is like a router but instead of routing on req.url it routes on the req.method. You can easily create a single route handler that dispatches to different functions based on method.


A "pragmatic router," egress is uniquely designed for tree-like routing tables. It can be used on its own or as Connect middleware.

Request modules


A set of asynchronous functions that parses the body of out of a req. It can also parse form encoded & json encoded bodies. body will limit the amount of body parsing to 1MB by default to prevent buffer overflows.


raw-body will parse the body of a readable stream as a Buffer. It has a limiting mechanism to limit the size of the body to prevent buffer overflows.

cookies and keygrip

Read the cookies out of a req. Also has functionality to set cookies on the res. Use cookies with keygrip for signing cookies using rotated credentials.

Response modules


Send different types of resources to the client, like json or error or html. This module will set the headers properly on your behalf.


Sends a proper HTTP redirect response to a res.


Favicon serving middleware.


Sets appropriate content-disposition header and pipes data to res.

Route handlers


st is a static file handler. It's efficient and handles cache headers properly.


serve-browserify is like a static file handler for javascript files but will browserify those files transparently on the fly. Optionally handles caching & gzipping.


npm-less is like a static file handler for css files but will compile LESS files transparently on the fly. Optionally handles caching & gzipping.


filed is a streaming file handler. This allows you to serve streaming files with the correct HTTP headers without caching the files in memory.


request allows you to make HTTP client requests to other servers. You can use request in your web server to forward a HTTP response from a 3rd party server to your res



hyperscript is an easy way to create templates in javascript. This allows you to use require for template inheritance and functions for template re-use. It's the simplest templating system that works as it's pure javascript.


consolidate is a large wrapper around many popular templating languages that exposes the same API for each templating language.



validate-form is a validation library that you can use to define a schema (a function) to validate arbitrary objects. validate-form is recursively made up of small functions so its really easy to add new validation logic.


joi is another validation library. It allows you to define complex schemas using a chaining syntax.


is-my-json-valid is a JSONSchema validator that uses code generation to be extremely fast.



redsess is a redis backed session library. It creates an asynchronous session interface based upon a req/res pair. It will handle managing your session id & cookies for you.


level-session is a levelDB backed session library. It creates an asynchronous session interface based upon a req/res pair. It will handle managing your session id & cookies for you.


generic-session is like redsess & level-session but has a MemoryStore interface for storing sessions in memory. This is great for tests.


pwd is a module for hashing a password. The first hash will generate a salt for it. You can then verify the password a second time with the salt to check hashes. This is great for a /login & /signup flow.



config-chain makes it easy to load configuration from anywhere. This is a great way of setting up a cascading config system for your production web server.


static-config is a config loader for static application configuration. It has an accessible api to set up a rigid cascading config loader that can be modified to sanely integrate with tests.


error makes it easy to create re-usable errors that contain meta information about what went wrong.


bole is a tiny flexible JSON logger that outputs ndjson.

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.