Node.js

REST API

RESTful routing, Express Router, JSON responses, API versioning, CORS setup, and standard status codes in Node.js.

RESTful Route Structure: Standard CRUD routes using Express Router mapped to controller-style handler functions.
📄routes/users.js
JS
const express = require('express');
const userController = require('../controllers/userController');

const router = express.Router();

// NOTE(review): no authentication or authorization middleware is attached in this file.
// If these routes are not meant to be public, add it on this router or where it is mounted.

// Collection routes
router
  .route('/')
  .get(userController.index)     // GET    /users
  .post(userController.store);   // POST   /users

// Single-resource routes. `:id` arrives as an untrusted string, so handlers should
// validate it and check that the caller may access that user before any lookup or write.
router
  .route('/:id')
  .get(userController.show)         // GET    /users/:id
  .put(userController.update)       // PUT    /users/:id
  .delete(userController.destroy);  // DELETE /users/:id

module.exports = router;
Express Router Mounting: Attach routers to the app with a base path prefix to organise routes cleanly.
📄app.js
JS
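const express = require('express');
const app = express();

// Do not advertise the framework in an X-Powered-By response header.
app.disable('x-powered-by');

// Body parsers. The size limit is written out (100kb is the Express default) so that
// raising it is a deliberate choice; larger bodies are rejected before any handler runs.
app.use(express.json({ limit: '100kb' }));
// `extended: true` parses nested objects and arrays from form bodies, so handlers
// should check the type of each field instead of assuming it is a string.
app.use(express.urlencoded({ extended: true, limit: '100kb' }));

// Mount routers
const userRoutes    = require('./routes/users');
const productRoutes = require('./routes/products');

app.use('/users',    userRoutes);
app.use('/products', productRoutes);

// With no host argument the server accepts connections on every network interface.
// Pass a host such as '127.0.0.1' as the second argument to keep a development server local.
app.listen(3000, () => console.log('Server running on port 3000'));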
JSON Response Pattern: Consistent API response wrapper with status, message, and data fields.
📄helpers/response.js
JS
// Response helpers: every reply uses the same { success, message, data } envelope.
// `message` is sent to the client as-is, so pass fixed, client-safe text and keep
// raw error objects and stack traces in server-side logs.
const reply = (res, status, message, data) =>
  res.status(status).json({ success: status < 400, message, data });

// 2xx: the payload goes in `data`.
const ok = (res, data, message = 'Success') => reply(res, 200, message, data);
const created = (res, data, message = 'Created') => reply(res, 201, message, data);

// 4xx / 5xx: `data` is always null.
const badReq = (res, message = 'Bad Request') => reply(res, 400, message, null);
const notFound = (res, message = 'Not Found') => reply(res, 404, message, null);
const serverErr = (res, message = 'Internal Error') => reply(res, 500, message, null);

module.exports = { ok, created, badReq, notFound, serverErr };

// --- Usage in controller ---
// const R = require('../helpers/response');
// exports.show = async (req, res) => {
//   const user = await User.findById(req.params.id);
//   if (!user) return R.notFound(res, 'User not found');
//   return R.ok(res, user);
// };
Common HTTP Status Codes: Quick reference for status codes used in REST APIs.
📄reference – status codes
JS
// Reference only: each line is a separate example, and a handler sends exactly one response.

// 2xx – Success
res.status(200).json(data);   // OK
res.status(201).json(data);   // Created
res.status(204).send();        // No Content (e.g. delete)

// 4xx – Client Error
res.status(400).json({ message: 'Bad Request' });            // malformed request
res.status(401).json({ message: 'Unauthorized' });           // missing or invalid credentials (not authenticated)
res.status(403).json({ message: 'Forbidden' });              // authenticated, but not allowed to do this
res.status(404).json({ message: 'Not Found' });              // resource does not exist
res.status(422).json({ message: 'Unprocessable Entity' });   // well-formed request that fails validation

// 5xx – Server Error
// Keep 5xx bodies generic; error details and stack traces belong in server logs.
res.status(500).json({ message: 'Internal Server Error' });
res.status(503).json({ message: 'Service Unavailable' });
API Versioning with Prefix: Group routes under version prefixes (e.g. /api/v1) for backward-compatible evolution.
📄app.js – versioning
JS
// Route modules, one per resource and API version.
const v1Users    = require('./routes/v1/users');
const v1Products = require('./routes/v1/products');
const v2Users    = require('./routes/v2/users');

// Every mounted version stays reachable, so older versions need the same
// authentication, validation and fixes as the newest one until they are removed.

// Version 1: each router mounted at its full path
app.use('/api/v1/users',    v1Users);
app.use('/api/v1/products', v1Products);

// Version 2 (new implementation)
app.use('/api/v2/users', v2Users);

// Or group a version's routers under one parent router and mount it once
const v1 = express.Router()
  .use('/users',    v1Users)
  .use('/products', v1Products);
app.use('/api/v1', v1);
CORS Setup with cors package: Configure Cross-Origin Resource Sharing to allow specific origins, methods, and headers. Install with npm install cors.
📄app.js – CORS
JS
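const cors = require('cors');

// Restricted policy (production): only the listed origins may call the API from a browser.
const corsOptions = {
    origin: ['https://myapp.com', 'https://admin.myapp.com'],
    methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
    allowedHeaders: ['Content-Type', 'Authorization'],
    // Allow cookies / auth headers. Keep this paired with an explicit origin list:
    // browsers reject credentialed responses that carry a wildcard origin.
    credentials: true,
    optionsSuccessStatus: 200,
};

// Register exactly ONE policy. If cors() is mounted ahead of cors(corsOptions), the
// allow-all middleware answers preflight requests before the restricted policy is consulted.
// Allow-all is used only when NODE_ENV is explicitly 'development'; any other value,
// including an unset one, gets the restricted policy.
const isDevelopment = process.env.NODE_ENV === 'development';
const corsMiddleware = isDevelopment ? cors() : cors(corsOptions);

app.use(corsMiddleware);

// Alternative to the global app.use above: apply CORS only to API routes.
// app.use('/api', corsMiddleware, apiRouter);

// CORS controls which origins a browser lets read responses. It does not authenticate
// callers, and non-browser clients ignore it, so routes still need their own access checks.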