How to Use Express to Build a REST API

How to Use Express to Build a REST API

An introduction to building scalable APIs in Node
Ferenc Almasi • šŸ”„ 2021 November 11 • šŸ“– 12 min read
  • twitter
  • facebook

Did you know that in 2019, Express ranked number one in awareness, interest, and satisfaction, according to theĀ State of JS, a yearly survey that had more than 20,000 respondents? It is mostly used to create robust APIs for the web, quickly and easily through its flexible API.

APIs are common means of communication between different software components. They provide a simple way to exchange data between two applications. In our case, this will be between the browser and a database. In this tutorial, we’re going to build a scalable REST API in Node using Express.

To keep things simple, we will go with the classical todo example. We will build an API to store, retrieve, modify, and delete todo items. Each operation will be handled by a different HTTP request method. Our very first job will be to set up Express.

Looking to improve your skills? Check out our interactive course to master JavaScript from start to finish.
Master JavaScript

Setting Up Express

To make this tutorial concise and digestible, I will replace the database functionality withĀ LocalStorage. Of course, we don’t have this in node so we will have to polyfill it. This means we will have two dependencies:Ā expressĀ andĀ node-localstorage.Ā npm init -yĀ your project and add these to your dependencies.

{
    "name": "express-api",
    "version": "1.0.0",
    "private": true,
    "scripts": {
        "start": "node server.js"
    },
    "keywords": [],
    "author": "",
    "license": "ISC",
    "dependencies": {
        "express": "4.17.1",
        "node-localstorage": "2.1.5"
    }
}
package.json
Copied to clipboard!

I also replaced the default script withnode server.js; this is the file where we will set up the Express server. Create theĀ server.jsĀ file in your root directory and add the following lines to it:

const express = require('express'),
      app     = express(),
      port    = process.env.PORT || 8080;

app.listen(port);

console.log(`API server is listening on port:${port}`);
server.js
Copied to clipboard!

We can start the webserver withĀ app.listenĀ passing in the port; either from the command line or defaulting to 8080. Not much is happening right now. If you openĀ localhost:8080, you’ll see the server doesn’t return anything. So let’s change that and add some routes!

cannot get anything

Creating Routes

For the routes, I’ve created a separate directory calledĀ routesĀ and added anĀ index.js. We’re going to have four different endpoints:

  • GETĀ for getting all or a single todo item
  • POSTĀ for creating a new todo item
  • PUTĀ for updating an existing todo item
  • DELETEĀ for removing a specific todo item

This is how ourĀ routes/index.jsĀ will look like:

'use strict';

const routes = (app) => {
    const todo = require('../controllers/Todo');

    // Todo Route
    app.route('/todo/:id?/')
        .get(todo.get)
        .post(todo.create)
        .put(todo.update)
        .delete(todo.delete);
};

module.exports = routes;
index.js
Copied to clipboard!

routesĀ will be a function that gets the express app as a parameter. TheĀ appĀ variable exposes aĀ routeĀ method which takes in an endpoint as a parameter. We can specify route params by using colons. By also adding a question mark at the end, we can tell express that this is only an optional param.

OnĀ route, we can chain different HTTP request methods. For every method, we will execute a different function. The methods are coming from an object defined in the controller’s folder underĀ Todo.js, so that will be our next step.

But first, to actually tell Express to use these routes, go back to yourĀ server.jsĀ file and extend it with the following:

const express = require('express'),
      routes  = require('./routes/index'),
      app     = express(),
      port    = process.env.PORT || 8080;

routes(app);

app.listen(port);

console.log(`API server is listening on port:${port}`);
server.js
Copied to clipboard!

I’ve importedĀ routesĀ and passed the ExpressĀ appĀ to it. Now if you navigate toĀ localhost:8080/todoĀ it will call theĀ todo.getĀ method which we haven’t specified yet, so let’s do that right now.

Looking to improve your skills? Check out our interactive course to master JavaScript from start to finish.
Master JavaScript

Requests and Responses

If you haven’t already, create aĀ controllersĀ folder and add aĀ Todo.jsĀ file. We’re going to export an object containing four methods for the four requests:

const LocalStorage = require('node-localstorage').LocalStorage;
const localStorage = new LocalStorage('./db');

module.exports = {

    get(request, response) {

    },

    create(request, response) {

    },

    update(request, response) {

    },

    delete(request, response) {

    }
};
Todo.js
Copied to clipboard!

Each method will get access to aĀ requestĀ andĀ responseĀ object. We also need to import theĀ LocalStorageĀ package since we’re going to use that in place of a real database. It will automatically create aĀ dbĀ folder for you in the root directory.

Let’s go in order and see how we can get back todos using theĀ getĀ method.

Get route

We want to either get all or a specific todo, based on whether the id has been provided in the URL or not. We also want to check whether we have aĀ localStorageĀ item set, so we don’t end up with an error. This leaves us with the following checks:

get(request, response) {
    if (localStorage.getItem('todos')) {
        if (!request.params.id) {
            // Return all todos
        } else {
            // Return single todo
        }
    } else {
        // No todos set on localStorage, fall back to empty response
    }
}
Todo.js
Copied to clipboard!

To get URL parameters, we simply need to access theĀ request.paramsĀ object. The name of the property will be the one specified inĀ app.route.Ā (:id)Ā To return a JSON response, we can callĀ response.jsonĀ with an object we want to return as a response:

get(request, response) {
    if (localStorage.getItem('todos')) {
        if (!request.params.id) {
            response.json({
                todos: JSON.parse(localStorage.getItem('todos'))
            });
        } else {
            const todo = JSON.parse(localStorage.getItem('todos')).filter(todo => todo.id === parseInt(request.params.id, 10));

            response.json({
                todo
            });
        }
    } else {
        response.json({
            todos: []
        });
    }
}
Todo.js
Copied to clipboard!

If we don’t even haveĀ todosĀ inĀ localStorage, we can return an empty array. Otherwise, we can return the items stored in localStorage. Since we can only store strings, we need to callĀ JSON.parseĀ on the object. The same applies when we want to access a single todo. But this time, we also want to filter for a single item.

If you refresh the page, you’ll get back an emptyĀ todoĀ list.

empty response coming back for get request

Post route

Let’s populate the array with some items. This time, we want to send the request data using aĀ x-www-form-urlencodedĀ content type. Since we can’t send aĀ POSTĀ request right inside the browser without any frontend, we need to find another way. For this task, I’m using the popularĀ PostmanĀ app. You can download and install it for free.

Open the app and create a new request. Set the method type toĀ POSTĀ and the body toĀ x-www-form-urlencoded. We only want to add a new todo if aĀ nameĀ and aĀ completedĀ flag have been provided.

Sending a POST request from Postman

To get the values from the request inside Express, we can accessĀ request.body. If you, however, send a post request and try to log outĀ request.body, you’ll notice that it isĀ undefined. This is because express by default can’t handle URL encoded values. To make them accessible through JavaScript, we have to use a middleware. Add the following line to yourĀ server.jsĀ file, before you define the routes:

app.use(express.urlencoded({ extended: true }));
server.js
Copied to clipboard!

Now if you send theĀ POSTĀ request and you try to log outĀ request.bodyĀ again, you’ll get the values logged out to your console.

Server linstening for POST request

So we can start by checking whether we have the two values in the request and if not, we can send an error specifying the problem:

create(request, response) {
    if (request.body.name && request.body.completed) {
        // Add new todo
    } else {
        response.json({
            error: 'āš ļø You must provide a name and a completed state.'
        });
    }
}
Todo.js
Copied to clipboard!

The way we want to add a new item is we simply want to get theĀ todosĀ from localStorage if there’s any, parse the JSON and push a new object to the array. Then convert it back to JSON, and of course, send a response to let us know if we were successful.

if (request.body.name && request.body.completed) {
    const todos = JSON.parse(localStorage.getItem('todos')) || [];

    todos.push({
        id: todos.length,
        name: request.body.name,
        completed: request.body.completed === 'true'
    });

    localStorage.setItem('todos', JSON.stringify(todos));

    response.json({
        message: 'Todo has been successfully created. šŸŽ‰'
    });
}
Todo.js
Copied to clipboard!

Note that since we might not haveĀ todosĀ present in the localStorage, we need to fall back to an empty array. Also note that since we’re getting the requests as strings, we need to cast theĀ completedĀ flag to a boolean.

Adding new todos

Put route

Once we have enough items on our todo list, we can try to update them. Again, we need to check for the presence of an id and either aĀ nameĀ or aĀ completedĀ flag.

update(request, response) {
    if (request.params.id && (request.body.name || request.body.completed)) {
        // Update todo
    } else {
        response.json({
            error: 'āš ļø You must provide an id and a property to update.'
        });
    }
}
Todo.js
Copied to clipboard!

We want to follow a similar logic we did for theĀ createĀ method: Parse the localStorage data, update the item in the array where the id matches the one passed as a request param, convert the data back to JSON and send a success response:

if (request.params.id && (request.body.name || request.body.completed)) {
    const todos = JSON.parse(localStorage.getItem('todos'));

    todos.forEach(todo => {
        if (parseInt(request.params.id, 10) === todo.id) {
            todo.name = request.body.name || todo.name;

            if (request.body.completed) {
                todo.completed = request.body.completed === 'true';
            }
        }
    });

    localStorage.setItem('todos', JSON.stringify(todos));

    response.json({
        message: 'Todo has been successfully updated. šŸŽ‰'
    });
}
Todo.js
Copied to clipboard!

Remember that we want to cast theĀ completedĀ flag into a boolean. And the reason why we can’t do logical OR just like we did forĀ todo.nameĀ is because in case we wantĀ completedĀ to be set to false, it would always fall back to the defaultĀ todo.completedĀ value.

updating todos in express

Delete route

Probably the shortest and simplest method of all will be theĀ delete. All we have to do is filter out the item where the id matches the one passed into the endpoint:

delete(request, response) {
    if (request.params.id) {
        const todos = JSON.parse(localStorage.getItem('todos')).filter(todo => todo.id !== parseInt(request.params.id, 10));

        localStorage.setItem('todos', JSON.stringify(todos));

        response.json({
            message: 'Todo has been successfully removed. šŸ—‘ļø'
        });
    } else {
        response.json({
            error: 'āš ļø You must provide an id.'
        });
    }
}
Todo.js
Copied to clipboard!

And reassign its stringified version back toĀ todosĀ inside localStorage.

deleting todo items

Conclusion

Now you have a working API in place to handle todo items. I’ll leave the UI part up for you. The great way about this approach is that every operation is separated into a different method. This way your API is more easily scalable. It also helps reducing time looking for bugs. If you are experiencing a problem with one of the requests, you can quickly pinpoint where and what went wrong. You’ll know that the problem lies in one single function.

If you were wondering about the look and feel of the JSON response I was getting throughout the tutorial, I’m using theĀ JSON ViewerĀ Chrome extension, which you can get at the provided link. If you would like to mess around with the final project, you can reach it at theĀ express-apiĀ Github repo.

Thank you for reading through. Whether if you have any experience building APIs and working with Express or not, share your thoughts in the comments below and let us know what is your approach.

ā˜• Get yourself an Expresso Sticker ā˜•

That's right, I'm drinking Expresso

Continue the tutorial, by learning how to also secure your freshly created API with JSON Web Tokens:

How to Secure Your API With JSON Web Tokens
  • twitter
  • facebook
Did you find this page helpful?
šŸ“š More Webtips
Frontend Course Dashboard
Master the Art of Frontend
  • check Unlimited access to hundred of tutorials
  • check Access to exclusive interactive lessons
  • check Remove ads to learn without distractions
Become a Pro

Recommended