# node.js 4 - Express Framework

If you look for the definition of `framework` in the dictionary you will find that it is often defined as an essential supporting structure of a building, vehicle, or object.  In software, it's essentially the same thing. A software framework is a supporting structure that allows you to build on top of it. When it comes to web development, and we want to build large APIs, or maybe HTTP servers, we can leverage web frameworks to make our life easier. There many options in the `node.js` ecosystem intended for web development but the most popular one is [Express](http://expressjs.com/).

Express is a minimal and flexible Node.js web application framework that provides a robust set of features for web and mobile applications.

### Installation

In order to use Express in an application you are developing, create a directory (`myapp`) for instance to hold your application and use the `npm init` command to create a `package.json` file for your application

`> npm init`

This command prompts you for a number of things, such as the name and version of your application. For now, you can simply hit RETURN to accept the defaults for most of them. You may wish though to specify the entry point of your application, that is, the name of the main file.

`> entry point: (index.js)`

Next, you need to install `Express` in the `myapp` directory and save it in the dependencies list contained in the `package.json` file:

`> npm install express --save` 

The `package.json` will be updated by NPM To include `Express` and its corresponding dependencies in the dependencies  sections of your `myapp`app. This facilitates life enormously for anyone that wants to install your application since NPM will simply look into the `package.json` file and automatically install all the dependencies of your application.

### Hello world example

We will start by creating a very simple Express app. In the `myapp` directory created previously, create a file named `app.js` and add the following code:

In [None]:
var express = require('express')
var app = express()

app.get('/', function (req, res) {
  res.send('Hello World!')
})

app.listen(3000, function () {
  console.log('Example app listening on port 3000!')
})

The app starts a server and listens on port 3000 for connections. The app responds with “Hello World!” for requests to the root URL (/) or **route**. For every other path, it will respond with a **404 Not Found**. The req (request) and res (response) are the exact same objects that `node.js` provides.

Now you can run the app with the following command:

`> node app.js`

Then, use your browser to navigate to http://localhost:3000/ in a browser to see the output of your application.

### Express application generator

The most usual way of using `Express` is to use  the `Express` generator, which creates the scaffolding for a full app with numerous JavaScript files, Jade templates, and sub-directories created by default for various purposes. Hence, we will use the application generator tool, `express-generator`, to quickly create an application skeleton.

The `express-generator` package installs the express command-line tool. Since this is a command-line tool,  you might want to install it globally  with the `-g` flag. 

`> npm install express-generator -g`

The following command creates an `Express` app named `app` in the current working directory:

`> express --view=jade app`

Notice that the previous command has created a number of files in your `app` working directory with the following directory structure:

Let's demonstrate the efficiency of NPM to install all the dependencies contained in those files auto generated by the framework.

`> cd app`

`> npm install`

Finally, we can run the app with the following command

`> set DEBUG=app:* & npm start`

We can now navigate to http://localhost:3000/ in the browser to access the app.

### Basic Routing

Routing refers to determining how an application responds to a client request to a particular endpoint, which is a URI (or path) and a specific HTTP request method (GET, POST, and so on).

Each route can have one or more handler functions, which are executed when the route is matched.

Route definition takes the following structure:

`app.METHOD(PATH, HANDLER)`

Where:

- app is an instance of express.
- METHOD is an HTTP request method, in lowercase.
- PATH is a path on the server.
- HANDLER is the function executed when the route is matched.

The following examples illustrate defining simple routes.

Respond with Hello World! on the homepage:

In [None]:
app.get('/', function (req, res) {
  res.send('Hello World!')
})

Respond to POST request on the root route (/), the application’s home page:

In [None]:
app.post('/', function (req, res) {
  res.send('Got a POST request')
})

Respond to a PUT request to the /user route:

In [None]:
app.put('/user', function (req, res) {
  res.send('Got a PUT request at /user')
})

Respond to a DELETE request to the /user route:

In [None]:
app.delete('/user', function (req, res) {
  res.send('Got a DELETE request at /user')
})

### Serving static files in Express

To serve static files such as images, CSS files, and JavaScript files, use the express.static built-in middleware function in Express.

Pass the name of the directory that contains the static assets to the express.static middleware function to start serving the files directly. For example, use the following code to serve images, CSS files, and JavaScript files in a directory named public:

In [None]:
app.use(express.static('public'))

Now, you can load the files that are in the `public` directory, like for instance in a hypothetical scenario:

- http://localhost:3000/images/kitten.jpg
- http://localhost:3000/css/style.css
- http://localhost:3000/js/app.js
- http://localhost:3000/images/bg.png
- http://localhost:3000/hello.html

To use multiple static assets directories, call the `express.static` middleware function multiple times:

In [None]:
app.use(express.static('public'))
app.use(express.static('files'))

Express looks up the files in the order in which you set the static directories with the express.static middleware function.

To create a virtual path prefix (where the path does not actually exist in the file system) for files that are served by the express.static function, specify a mount path for the static directory, as shown below:

In [None]:
app.use('/static', express.static('public'))

Now, you can load the files that are in the public directory from the /static path prefix.

- http://localhost:3000/static/images/kitten.jpg
- http://localhost:3000/static/css/style.css
- http://localhost:3000/static/js/app.js
- http://localhost:3000/static/images/bg.png
- http://localhost:3000/static/hello.html

### Route methods

A route method is derived from one of the HTTP methods, and is attached to an instance of the Express class. The following code is an example of routes that are defined for the GET and the POST methods to the root of the app.

In [None]:
// GET method route
app.get('/', function (req, res) {
  res.send('GET request to the homepage')
})

// POST method route
app.post('/', function (req, res) {
  res.send('POST request to the homepage')
})

Express supports the following routing methods that correspond to HTTP methods: get, post, put, head, delete, options, trace, copy, lock, mkcol, move, purge, propfind, proppatch, unlock, report, mkactivity, checkout, merge, m-search, notify, subscribe, unsubscribe, patch, search, and connect.

There is a special routing method, app.all(), which is not derived from any HTTP method. This method is used for loading middleware functions at a path for all request methods.

In the following example, the handler will be executed for requests to “/secret” whether you are using GET, POST, PUT, DELETE, or any other HTTP request method that is supported in the http module.

In [None]:
app.all('/secret', function (req, res, next) {
  console.log('Accessing the secret section ...')
  next() // pass control to the next handler
})

### Route paths

Route paths, in combination with a request method, define the endpoints at which requests can be made. Route paths can be strings, string patterns, or regular expressions.

The characters ?, +, *, and () are subsets of their regular expression counterparts. The hyphen (-) and the dot (.) are interpreted literally by string-based paths.

Here are some examples of route paths based on strings.

This route path will match requests to the root route, /.

In [None]:
app.get('/', function (req, res) {
  res.send('root')
})

This route path will match requests to /about.

In [None]:
app.get('/about', function (req, res) {
  res.send('about')
})

This route path will match requests to /random.text.

In [None]:
app.get('/random.text', function (req, res) {
  res.send('random.text')
})

Here are some examples of route paths based on string patterns.

This route path will match acd and abcd.

In [None]:
app.get('/ab?cd', function (req, res) {
  res.send('ab?cd')
})

This route path will match abcd, abbcd, abbbcd, and so on.

In [None]:
app.get('/ab+cd', function (req, res) {
  res.send('ab+cd')
})

This route path will match abcd, abxcd, abRANDOMcd, ab123cd, and so on.

In [None]:
app.get('/ab*cd', function (req, res) {
  res.send('ab*cd')
})

This route path will match /abe and /abcde.

In [None]:
app.get('/ab(cd)?e', function (req, res) {
  res.send('ab(cd)?e')
})

Examples of route paths based on regular expressions:

This route path will match anything with an “a” in the route name.

In [None]:
app.get(/a/, function (req, res) {
  res.send('/a/')
})

This route path will match butterfly and dragonfly, but not butterflyman, dragonflyman, and so on.

In [None]:
app.get(/.*fly$/, function (req, res) {
  res.send('/.*fly$/')
})

### Route parameters

Route parameters are named URL segments that are used to capture the values specified at their position in the URL. The captured values are populated in the req.params object, with the name of the route parameter specified in the path as their respective keys.

To define routes with route parameters, simply specify the route parameters in the path of the route as shown below.

In [None]:
app.get('/users/:userId/books/:bookId', function (req, res) {
  res.send(req.params)
})

Make sure you understand that a request URL maps to a defined route path and how the route parameters are extracted by `Express`:

### Route handlers

You can provide multiple callback functions that behave like middleware to handle a request. The only exception is that these callbacks might invoke next('route') to bypass the remaining route callbacks. You can use this mechanism to impose pre-conditions on a route, then pass control to subsequent routes if there’s no reason to proceed with the current route.

Route handlers can be in the form of a function, an array of functions, or combinations of both, as shown in the following examples.

A single callback function can handle a route. For example:

In [None]:
app.get('/example/a', function (req, res) {
  res.send('Hello from A!')
})

More than one callback function can handle a route (make sure you specify the next object). For example:

In [None]:
app.get('/example/b', function (req, res, next) {
  console.log('the response will be sent by the next function ...')
  next()
}, function (req, res) {
  res.send('Hello from B!')
})

An array of callback functions can handle a route. For example:

In [None]:
var cb0 = function (req, res, next) {
  console.log('CB0')
  next()
}

var cb1 = function (req, res, next) {
  console.log('CB1')
  next()
}

var cb2 = function (req, res) {
  res.send('Hello from C!')
}

app.get('/example/c', [cb0, cb1, cb2])

A combination of independent functions and arrays of functions can handle a route. For example:

In [None]:
var cb0 = function (req, res, next) {
  console.log('CB0')
  next()
}

var cb1 = function (req, res, next) {
  console.log('CB1')
  next()
}

app.get('/example/d', [cb0, cb1], function (req, res, next) {
  console.log('the response will be sent by the next function ...')
  next()
}, function (req, res) {
  res.send('Hello from D!')
})

### Response methods

The methods on the response object (res) in the following table can send a response to the client, and terminate the request-response cycle. If none of these methods are called from a route handler, the client request will be left hanging.

- res.download(): Prompt a file to be downloaded.
- res.end(): End the response process.
- res.json(): Send a JSON response.
- res.jsonp(): Send a JSON response with JSONP support.
- res.redirect(): Redirect a request.
- res.render():	Render a view template.
- res.send(): Send a response of various types.
- res.sendFile(): Send a file as an octet stream.
- res.sendStatus():	Set the response status code and send its string representation as the response body.

### app.route()

You can create chainable route handlers for a route path by using app.route(). Because the path is specified at a single location, creating modular routes is helpful, as is reducing redundancy and typos. For more information about routes, see: Router() documentation.

Here is an example of chained route handlers that are defined by using app.route().

In [None]:
app.route('/book')
  .get(function (req, res) {
    res.send('Get a random book')
  })
  .post(function (req, res) {
    res.send('Add a book')
  })
  .put(function (req, res) {
    res.send('Update the book')
  })

### express.Router

Use the express.Router class to create modular, mountable route handlers. A Router instance is a complete middleware and routing system; for this reason, it is often referred to as a “mini-app”.

The following example creates a router as a module, loads a middleware function in it, defines some routes, and mounts the router module on a path in the main app.

Create a router file named birds.js in the app directory, with the following content:

In [None]:
var express = require('express')
var router = express.Router()

// middleware that is specific to this router
router.use(function timeLog (req, res, next) {
  console.log('Time: ', Date.now())
  next()
})
// define the home page route
router.get('/', function (req, res) {
  res.send('Birds home page')
})
// define the about route
router.get('/about', function (req, res) {
  res.send('About birds')
})

module.exports = router

Then, load the router module in the app:

In [None]:
var birds = require('./birds')

// ...

app.use('/birds', birds)

The app will now be able to handle requests to /birds and /birds/about, as well as call the timeLog middleware function that is specific to the route.

### Using middleware

Express is a routing and middleware web framework that has minimal functionality of its own: An Express application is essentially a series of middleware function calls.

Middleware functions are functions that have access to the request object (req), the response object (res), and the next middleware function in the application’s request-response cycle. The next middleware function is commonly denoted by a variable named next.

Middleware functions can perform the following tasks:

- Execute any code.
- Make changes to the request and the response objects.
- End the request-response cycle.
- Call the next middleware function in the stack.
- If the current middleware function does not end the request-response cycle, it must call next() to pass control to the next middleware function. Otherwise, the request will be left hanging.

### Writing middleware for use in Express apps

Middleware functions are functions that have access to the request object (req), the response object (res), and the next function in the application’s request-response cycle. The next function is a function in the Express router which, when invoked, executes the middleware succeeding the current middleware.

Middleware functions can perform the following tasks:

- Execute any code.
- Make changes to the request and the response objects.
- End the request-response cycle.
- Call the next middleware in the stack.

If the current middleware function does not end the request-response cycle, it must call next() to pass control to the next middleware function. Otherwise, the request will be left hanging.

The following figure shows the elements of a middleware function call:

![](./images/express-mw.png)

Here is an example of a simple “Hello World” Express application. 

In [None]:
var express = require('express')
var app = express()

app.get('/', function (req, res) {
  res.send('Hello World!')
})

app.listen(3000)

Next, we will define a middleware functions and add it to the application.

Here is a simple example of a middleware function called “myLogger”. This function just prints “LOGGED” when a request to the app passes through it. The middleware function is assigned to a variable named myLogger.

In [None]:
var myLogger = function (req, res, next) {
  console.log('LOGGED')
  next()
}

Notice the call above to next(). Calling this function invokes the next middleware function in the app. The next() function is not a part of the `Node.js` or `Express` API, but is the third argument that is passed to the middleware function. The next() function could be named anything, but by convention it is always named “next”. To avoid confusion, always use this convention.


To load the middleware function, call app.use(), specifying the middleware function. For example, the following code loads the myLogger middleware function before the route to the root path (/).

In [None]:
var express = require('express')
var app = express()

var myLogger = function (req, res, next) {
  console.log('LOGGED')
  next()
}

app.use(myLogger)

app.get('/', function (req, res) {
  res.send('Hello World!')
})

app.listen(3000)

Every time the app receives a request, it prints the message “LOGGED” to the terminal.

The order of middleware loading is important: middleware functions that are loaded first are also executed first.

If myLogger is loaded after the route to the root path, the request never reaches it and the app doesn’t print “LOGGED”, because the route handler of the root path terminates the request-response cycle.

The middleware function myLogger simply prints a message, then passes on the request to the next middleware function in the stack by calling the next() function.

### Application-level middleware

You can bind application-level middleware to an instance of the app object by using the `app.use()` and `app.METHOD()` functions, where  METHOD is the HTTP method of the request that the middleware function handles (such as GET, PUT, or POST) in lowercase.

This example shows a middleware function with no mount path. The function is executed every time the app receives a request.

In [None]:
var app = express()

app.use(function (req, res, next) {
  console.log('Time:', Date.now())
  next()
})

This example shows a middleware function mounted on the /user/:id path. The function is executed for any type of HTTP request on the /user/:id path.

In [None]:
app.use('/user/:id', function (req, res, next) {
  console.log('Request Type:', req.method)
  next()
})

This example shows a route and its handler function (middleware system). The function handles GET requests to the `/user/:id` path.

In [None]:
app.get('/user/:id', function (req, res, next) {
  res.send('USER')
})

Here is an example of loading a series of middleware functions at a mount point, with a mount path. It illustrates a middleware sub-stack that prints request info for any type of HTTP request to the `/user/:id` path.

In [None]:
app.use('/user/:id', function (req, res, next) {
  console.log('Request URL:', req.originalUrl)
  next()
}, function (req, res, next) {
  console.log('Request Type:', req.method)
  next()
})

### Error-handling middleware

Error-handling middleware always takes four arguments. You must provide four arguments to identify it as an error-handling middleware function. Even if you don’t need to use the next object, you must specify it to maintain the signature. Otherwise, the next object will be interpreted as regular middleware and will fail to handle errors.

Define error-handling middleware functions in the same way as other middleware functions, except with four arguments instead of three, specifically with the signature (err, req, res, next)):

In [None]:
app.use(function (err, req, res, next) {
  console.error(err.stack)
  res.status(500).send('Something broke!')
})

You define error-handling middleware last, after other app.use() and routes calls; for example:

In [None]:
var bodyParser = require('body-parser')
var methodOverride = require('method-override')

app.use(bodyParser.urlencoded({
  extended: true
}))
app.use(bodyParser.json())
app.use(methodOverride())
app.use(function (err, req, res, next) {
  // logic
})

Responses from within a middleware function can be in any format that you prefer, such as an HTML error page, a simple message, or a JSON string.

Notice that when not calling “next” in an error-handling function, you are responsible for writing (and ending) the response. Otherwise those requests will “hang” and will not be eligible for garbage collection.

In [None]:
function clientErrorHandler (err, req, res, next) {
  if (req.xhr) {
    res.status(500).send({ error: 'Something failed!' })
  } else {
    next(err)
  }
}

If you have a route handler with multiple callback functions you can use the route parameter to skip to the next route handler. For example:

In [None]:
app.get('/a_route_behind_paywall',
  function checkIfPaidSubscriber (req, res, next) {
    if (!req.user.hasPaid) {
      // continue handling this request
      next('route')
    }
  }, function getPaidContent (req, res, next) {
    PaidContent.find(function (err, doc) {
      if (err) return next(err)
      res.json(doc)
    })
  })

In this example, the getPaidContent handler will be skipped but any remaining handlers in app for `/a_route_behind_paywall` would continue to be executed.

Express comes with a built-in error handler, which takes care of any errors that might be encountered in the app. This default error-handling middleware function is added at the end of the middleware function stack.

If you pass an error to next() and you do not handle it in an error handler, it will be handled by the built-in error handler; the error will be written to the client with the stack trace. The stack trace is not included in the production environment.

If you call next() with an error after you have started writing the response (for example, if you encounter an error while streaming the response to the client) the Express default error handler closes the connection and fails the request.

So when you add a custom error handler, you will want to delegate to the default error handling mechanisms in Express, when the headers have already been sent to the client:

In [None]:
function errorHandler (err, req, res, next) {
  if (res.headersSent) {
    return next(err)
  }
  res.status(500)
  res.render('error', { error: err })
}

Note that the default error handler can get triggered if you call next() with an error in your code more than once, even if custom error handling middleware is in place.

### Built-in middleware

Starting with version 4.x, the only built-in middleware function in Express is `express.static`. This function is based on serve-static, and is responsible for serving static assets such as HTML files, images, and so on.

The function signature is:

`express.static(root, [options])`

The root argument specifies the root directory from which to serve static assets. Here is an example of using the express.static middleware function with an elaborate options object:

In [None]:
var options = {
  dotfiles: 'ignore',
  etag: false,
  extensions: ['htm', 'html'],
  index: false,
  maxAge: '1d',
  redirect: false,
  setHeaders: function (res, path, stat) {
    res.set('x-timestamp', Date.now())
  }
}

app.use(express.static('public', options))

### Third-party middleware

Use third-party middleware to add functionality to Express apps.

Install the Node.js module for the required functionality, then load it in your app at the application level or at the router level.

The following example illustrates installing and loading the cookie-parsing middleware function cookie-parser.

`> npm install cookie-parser`

In [None]:
var express = require('express')
var app = express()
var cookieParser = require('cookie-parser')

// load the cookie-parsing middleware
app.use(cookieParser())

### Using template engines with Express

A template engine enables you to use static template files in your application. At runtime, the template engine replaces variables in a template file with actual values, and transforms the template into an HTML file sent to the client. This approach makes it easier to design an HTML page.

Some popular template engines that work with `Express` are `Pug`, `Mustache`, and `EJS`. The `Express` application generator uses `Jade` as its default, but it also supports several others.

To render template files, set the following application setting properties, set in `app.js` in the default app created by the generator:

- views, the directory where the template files are located. Eg: app.set('views', './views'). This defaults to the views directory in the application root directory.
- view engine, the template engine to use. For example, to use the Pug template engine: app.set('view engine', 'pug').

Then install the corresponding template engine npm package; for example to install Pug:

`> npm install pug --save`

After the view engine is set, you don’t have to specify the engine or load the template engine module in your app; Express loads the module internally, as shown below (for the above example).

`app.set('view engine', 'pug')`

Create a Pug template file named `index.pug` in the views directory, with the following content:

Then create a route to render the `index.pug` file. If the view engine property is not set, you must specify the extension of the view file. Otherwise, you can omit it.

In [None]:
app.get('/', function (req, res) {
  res.render('index', { title: 'Hey', message: 'Hello there!' })
})

When you make a request to the home page, the `index.pug` file will be rendered as HTML.