express

Here's a list of 20 key Node.js Express techniques with TypeScript that you should be familiar with for a job interview:

Basic Express usage setup

Certainly! Here's a basic and an advanced code sample for setting up an Express server with TypeScript for API usage.

Basic Express Server with TypeScript:

import express, { Application, Request, Response } from 'express';

const app: Application = express();
const PORT = process.env.PORT || 3000;

app.use(express.json());

app.get('/', (req: Request, res: Response) => {
  res.send('Hello World!');
});

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In the basic setup, we import the necessary modules from express, create an instance of an Express application, and then define a simple route that responds to GET requests on the root path. We then start the server on the port defined by the PORT variable.

Advanced Express Server with TypeScript:

import express, { Application, Request, Response, NextFunction } from 'express';
import cors from 'cors';
import helmet from 'helmet';
import morgan from 'morgan';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Middleware for security
app.use(helmet());

// Enable CORS with various options
app.use(cors());

// Logger Middleware
app.use(morgan('tiny'));

// Body Parsing Middleware
app.use(express.json());
app.use(express.urlencoded({ extended: true }));

// Basic Route
app.get('/', (req: Request, res: Response) => {
  res.json({ message: 'Welcome to the TypeScript Express API!' });
});

// Error handling Middleware
app.use((err: any, req: Request, res: Response, next: NextFunction) => {
  console.error(err.stack);
  res.status(500).send('Something broke!');
});

// Start server
app.listen(PORT, () => {
  console.log(`Server is running in http://localhost:${PORT}`);
});

In the advanced setup, we include additional middlewares:

• helmet for setting secure HTTP headers.
• cors for enabling Cross-Origin Resource Sharing.
• morgan for logging HTTP requests.

We also configure the express.json() and express.urlencoded() middleware for body parsing and a basic error handling middleware to catch any unhandled errors in the app.

Both the basic and advanced setups are starting points for an Express API server with TypeScript. For real-world applications, you'd typically expand these with more routes, services, and possibly integrate a database.

1. Middleware Integration:

Use middleware to extend the capabilities of your Express app. Middleware functions can perform tasks like logging, parsing, authenticating, etc.

Middleware Integration:

Middleware in Express.js is a way to do something with the request and response objects along the route handling pipeline. It can be used for various purposes, such as logging requests, parsing request bodies, authenticating users, handling errors, and more.

Basic Middleware Example: Here's a simple example of a logging middleware that prints the method and URL of each request.

const express = require('express');
const app = express();

// Simple logging middleware
app.use((req, res, next) => {
  console.log(`Received ${req.method} request for ${req.url}`);
  next(); // Pass control to the next middleware function
});

app.get('/', (req, res) => {
  res.send('Hello, World!');
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Advanced Middleware Integration Example: The following example demonstrates the use of multiple middleware functions, including built-in, third-party, and custom error-handling middleware.

const express = require('express');
const bodyParser = require('body-parser'); // Third-party middleware for parsing request bodies
const morgan = require('morgan'); // Third-party logging middleware

const app = express();

// Built-in middleware for serving static files
app.use(express.static('public'));

// Third-party middleware for logging
app.use(morgan('tiny'));

// Third-party middleware for parsing JSON request bodies
app.use(bodyParser.json());

// Custom middleware for authentication
app.use((req, res, next) => {
  const apiKey = req.get('API-Key');
  if (apiKey && apiKey === 'secret-key') {
    next();
  } else {
    res.status(401).send('Authentication required');
  }
});

// Routes
app.get('/secure-data', (req, res) => {
  res.json({ secureData: 'You are authorized to see this' });
});

// Custom error-handling middleware
app.use((err, req, res, next) => {
  console.error(err.stack);
  res.status(500).send('Something broke!');
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In this advanced example, morgan is used to log requests, bodyParser parses incoming request bodies in a middleware before your handlers, and a custom middleware checks for an 'API-Key' in the request headers to authenticate the request. Finally, an error-handling middleware is defined to catch any errors that occur in the routing logic or previous middleware functions.

2. Route Handling:

Define routes using Express's routing methods to respond to various HTTP requests (GET, POST, etc.) at different paths.

Route Handling:

Route handling in a web application is the process of defining endpoints (URIs) and how the server responds to client requests at those endpoints. Express.js, a popular web framework for Node.js, provides a robust set of features to manage routes.

Basic Example:

In Express, you define routes by specifying the HTTP method and the path, along with a handler function that sends a response back to the client.

Here's what basic route handling might look like:

• Import the Express module and create an app instance.
• Define routes for different HTTP methods like GET and POST.
• Start the server listening on a specific port.

import express from 'express';

const app = express();

// Basic GET route
app.get('/', (req, res) => {
  res.send('Hello World!');
});

// Basic POST route
app.post('/submit-data', (req, res) => {
  // Logic to handle submitted data goes here
  res.send('Data received!');
});

// Starting the server
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Advanced Example:

For more complex applications, you might organize routes using Express routers, middleware to handle errors, validation, or authentication, and control response formats using content negotiation.

Here's an advanced route handling setup:

• Use express.Router to create modular route handlers.
• Apply middleware for common functionality across routes.
• Send different response types based on content negotiation.

import express, { Request, Response } from 'express';
import { body, validationResult } from 'express-validator';

const app = express();
app.use(express.json()); // Middleware to parse JSON request bodies

// Creating a router for a specific feature/module
const usersRouter = express.Router();

// Route with middleware to validate request data
usersRouter.post('/create', [
  body('username').isAlphanumeric(),
  body('email').isEmail(),
], (req: Request, res: Response) => {
  const errors = validationResult(req);
  if (!errors.isEmpty()) {
    return res.status(400).json({ errors: errors.array() });
  }

  // Logic to create a user goes here
  res.status(201).send('User created');
});

// Error handling middleware
app.use((err, req, res, next) => {
  console.error(err.stack);
  res.status(500).send('Something broke!');
});

// Using the router in the app
app.use('/users', usersRouter);

// Starting the server
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the advanced example:

• An Express router is created for user-related routes, which helps to keep the code for different features separate and organized.
• The express-validator middleware is used for request validation.
• A JSON response is sent with validation errors if the request data doesn't meet the specified criteria.
• An error-handling middleware is set up to catch and respond to any errors that occur in the routing logic.

3. Error Handling:

Create error-handling middleware to manage exceptions and errors that occur in the application, providing a consistent error response structure.

Error Handling:

Error handling in TypeScript, especially within a Node.js environment, is crucial for managing exceptions and errors that occur during the application's execution. Middleware is a powerful pattern for handling errors in server frameworks like Express.js, where it provides a centralized error handling mechanism.

Basic Error Handling Middleware Example Code Explanation:

import express from 'express';

const app = express();

// Basic error-handling middleware function
app.use((err, req, res, next) => {
  console.error(err.stack); // Log the error stack for debugging
  res.status(500).send({ error: 'An unexpected error occurred!' });
});

// Usage in an Express route
app.get('/', (req, res) => {
  throw new Error('Oops! Something went wrong.');
});

// The middleware should be defined last, after other app.use() and routes calls
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In this basic example:

• We define a middleware function using app.use() that catches errors for all routes.
• When an error occurs, the middleware function logs the error and sends a generic error message to the client with a status code of 500, indicating a server error.

Advanced Error Handling Middleware Example Code Explanation:

import express, { Request, Response, NextFunction } from 'express';

const app = express();

// Custom error class to handle application-specific errors
class AppError extends Error {
  statusCode: number;
  status: string;

  constructor(message: string, statusCode: number) {
    super(message); // Add a "message" property
    this.statusCode = statusCode;
    this.status = `${statusCode}`.startsWith('4') ? 'fail' : 'error';
    Error.captureStackTrace(this, this.constructor);
  }
}

// Advanced error-handling middleware function
app.use((err: Error, req: Request, res: Response, next: NextFunction) => {
  if (err instanceof AppError) {
    // Application-specific error handling
    res.status(err.statusCode).send({
      status: err.status,
      error: err.message,
    });
  } else {
    // Generic error handling
    res.status(500).send({
      status: 'error',
      error: 'An unexpected error occurred!',
    });
  }
});

// Usage in an Express route with custom error
app.get('/', (req, res, next) => {
  const err = new AppError('Not Found', 404);
  next(err); // Pass the error to the error-handling middleware
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the advanced example:

• We define a custom AppError class that extends the built-in Error class, adding a statusCode and a status property to handle application-specific error statuses.
• The error-handling middleware checks if the error is an instance of AppError and handles it accordingly, providing a more specific error response.
• The next function is used in routes to pass errors to the middleware.
• This pattern allows for more granular error handling, with the ability to differentiate between different types of application errors and respond to the client with more specific information.

4. Request Validation:

Implement request validation using libraries like joi or express-validator to ensure that incoming data meets the expected format and type.

Request Validation:

Validating incoming request data is crucial to ensure that your application receives the data it expects. This can help prevent unexpected errors and security vulnerabilities. Libraries like joi and express-validator are often used in Node.js applications to define validation schemas and apply these validations to requests.

Basic Request Validation with joi: Here is a simple example using joi to validate that incoming POST request data for user registration contains a valid email and a password of at least 6 characters.

const express = require('express');
const Joi = require('joi');

const app = express();
app.use(express.json());

const userSchema = Joi.object({
  email: Joi.string().email().required(),
  password: Joi.string().min(6).required()
});

app.post('/register', (req, res) => {
  const { error } = userSchema.validate(req.body);

  if (error) {
    return res.status(400).send(error.details[0].message);
  }

  res.send('User registered successfully');
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Advanced Request Validation with express-validator: In a more complex scenario, you might want to perform chained validations and custom messages using express-validator. Below is an example of validating and sanitizing a sign-up route.

const express = require('express');
const { body, validationResult } = require('express-validator');

const app = express();
app.use(express.json());

app.post('/signup',
  // Validation chains
  body('username')
    .isLength({ min: 5 }).withMessage('Username must be at least 5 characters long')
    .isAlphanumeric().withMessage('Username must be alphanumeric'),

  body('email')
    .isEmail().withMessage('Invalid email address')
    .normalizeEmail(), // Sanitization

  body('password')
    .isStrongPassword().withMessage('Password must be strong')
    .custom((value, { req }) => {
      if (value !== req.body.confirmPassword) {
        throw new Error('Password confirmation does not match password');
      }
      return true;
    }),

  // Request handler
  (req, res) => {
    const errors = validationResult(req);
    if (!errors.isEmpty()) {
      return res.status(400).json({ errors: errors.array() });
    }

    // Proceed with user registration...
    res.send('User signed up successfully');
  }
);

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In this advanced example, express-validator is used to validate and sanitize different fields: the username must be at least 5 characters long and alphanumeric, the email must be valid and is normalized, and the password must be strong according to predefined rules. Additionally, the password confirmation must match the password field. If any of these validations fail, the errors are returned in the response.

5. Asynchronous Operations:

Handle asynchronous code using async/await in your route handlers and middleware to work with promises more comfortably.

Asynchronous Operations:

Asynchronous operations in Node.js allow you to perform long-running tasks without blocking the main thread. Using async/await syntax with promises can make your asynchronous code easier to read and maintain.

Basic Example:

In Express route handlers, you can define functions as async, which allows you to use await to pause the function in a non-blocking way until the promise resolves.

Here's a basic use of async/await in an Express route:

• Define your route handler with async.
• Use await to wait for asynchronous operations like database calls or file reads to complete.
• Send the response back to the client after the asynchronous operation has finished.

import express from 'express';

const app = express();

// An asynchronous GET route
app.get('/data', async (req, res) => {
  try {
    const data = await someAsyncOperation(); // Assume this function returns a promise
    res.send(data);
  } catch (error) {
    res.status(500).send('An error occurred');
  }
});

// Starting the server
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Advanced Example:

In more complex scenarios, you may have middleware that performs asynchronous actions, or you may need to handle multiple asynchronous operations in parallel.

Here's how you might handle more advanced async operations:

• Use async middleware for operations like checking authentication or querying a database.
• Use Promise.all to wait for multiple promises to resolve.

import express from 'express';

const app = express();

// Middleware to perform an async operation
const asyncMiddleware = async (req, res, next) => {
  try {
    req.user = await getUserFromDatabase(req.header('Authorization')); // Async DB call
    next(); // Proceed to next middleware or route handler
  } catch (error) {
    next(error); // Forward error to the error-handling middleware
  }
};

// Using the async middleware in a route
app.get('/profile', asyncMiddleware, async (req, res) => {
  // The user is already attached to the request in the middleware
  res.send(req.user);
});

// An asynchronous route handler that waits for multiple promises
app.get('/aggregate-data', async (req, res) => {
  try {
    const [data1, data2] = await Promise.all([
      someAsyncOperation1(),
      someAsyncOperation2(),
    ]);
    res.send({ data1, data2 });
  } catch (error) {
    res.status(500).send('An error occurred');
  }
});

// Error handling middleware
app.use((err, req, res, next) => {
  console.error(err);
  res.status(500).send('Server error');
});

// Starting the server
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the advanced example:

• asyncMiddleware is an asynchronous function that retrieves user data from a database and attaches it to the req object.
• The /profile route uses this middleware to have access to the user's data.
• The /aggregate-data route demonstrates how to handle multiple asynchronous operations concurrently with Promise.all.
• The error-handling middleware is updated to catch errors from asynchronous operations.

6. Static Files Serving:

Serve static files such as images, CSS files, and JavaScript files using the express.static built-in middleware function.

Static Files Serving:

Serving static files in a web application is a common requirement. Static files are assets that are not dynamically generated, typically including images, CSS, and JavaScript files. In Node.js using Express, this can be done efficiently with the express.static middleware.

Basic Static File Serving Example Code Explanation:

import express from 'express';
const app = express();

// Serve static files from the 'public' directory
app.use(express.static('public'));

app.listen(3000, () => {
  console.log('Server started on port 3000');
});

In this basic example:

• We create an Express application using express().
• We then use the express.static middleware to serve files from a directory named public. This directory should be in the root of your application.
• The server listens on port 3000, and any static files placed in the public directory are accessible via the web browser.

Advanced Static File Serving with Virtual Path Prefix Example Code Explanation:

import express from 'express';
const app = express();

// Serve static files from the 'public' directory with a virtual path prefix '/static'
app.use('/static', express.static('public'));

app.listen(3000, () => {
  console.log('Server started on port 3000');
});

In the advanced example:

• We still serve static files from the public directory.
• However, by specifying the first argument '/static', we set a virtual path prefix. Now, the files are served under a path that includes /static. For example, if you have public/css/style.css, it will be served as http://localhost:3000/static/css/style.css.
• This approach can be useful for namespacing or organizing your static files URL structure without changing your directory structure.

7. Template Engines:

Integrate template engines like Pug, EJS, or Handlebars with Express to generate HTML responses by combining data with templates.

Let's look at how to integrate template engines with an Express server in TypeScript. I'll show a basic example using EJS and an advanced example using Handlebars.

Basic Express Server with EJS Template Engine in TypeScript:

First, install the necessary packages:

npm install express ejs
npm install --save-dev @types/express @types/ejs

Here's the basic server setup:

import express, { Application, Request, Response } from 'express';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Set the view engine to ejs
app.set('view engine', 'ejs');

// Define a route to render an EJS view
app.get('/', (req: Request, res: Response) => {
  res.render('index', { title: 'Hello World!' });
});

// Start the server
app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In this basic example, we set EJS as the view engine for the Express app and created a route that renders an index.ejs file passing a title variable to it.

Advanced Express Server with Handlebars Template Engine in TypeScript:

First, install the necessary packages:

npm install express express-handlebars
npm install --save-dev @types/express

Here's the advanced server setup with additional configurations:

import express, { Application, Request, Response } from 'express';
import exphbs from 'express-handlebars';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Configure Handlebars as the template engine
app.engine('handlebars', exphbs());
app.set('view engine', 'handlebars');

// Define a route to render a Handlebars view
app.get('/', (req: Request, res: Response) => {
  res.render('home', { title: 'Welcome to the Advanced Express Server' });
});

// Middleware to serve static files from public directory
app.use(express.static('public'));

// Start the server
app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In the advanced example, we configure Express to use Handlebars as the template engine with express-handlebars. We set up a route that renders a home.handlebars file, and we've included middleware to serve static files.

For both examples, ensure that you have the corresponding view files (index.ejs for EJS and home.handlebars for Handlebars) in the appropriate directories (usually a views folder within the project directory).

8. Session Management:

Implement session management using express-session to store user data between HTTP requests.

Session Management:

Session management is a way to persist user data across multiple HTTP requests. In Express.js, the express-session middleware is commonly used for this purpose.

Basic Session Management Example: Here's a basic example of using express-session to store a user's number of visits to the site.

const express = require('express');
const session = require('express-session');

const app = express();

app.use(session({
  secret: 'keyboard cat', // Secret used to sign the session ID cookie
  resave: false, // Don't save session if unmodified
  saveUninitialized: true, // Save a session that is new, but has not been modified
  cookie: { secure: false } // True is recommended when using HTTPS
}));

app.get('/', (req, res) => {
  if (req.session.views) {
    req.session.views++;
    res.send(`Number of views: ${req.session.views}`);
  } else {
    req.session.views = 1;
    res.send('Welcome to this page for the first time!');
  }
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In this basic example, a session is created for each user. The session data contains a views property, which is incremented with each visit to the root route.

Advanced Session Management Example: For a more advanced scenario, you might integrate session storage with a database to persist session data and include additional security measures, such as HTTPS.

const express = require('express');
const session = require('express-session');
const MongoDBStore = require('connect-mongodb-session')(session); // To store session data in MongoDB
const https = require('https');
const fs = require('fs');

const app = express();
const mongoStore = new MongoDBStore({
  uri: 'mongodb://localhost:27017/connect_mongodb_session_store',
  collection: 'mySessions'
});

// Catch errors
mongoStore.on('error', function(error) {
  console.error('Session store error:', error);
});

app.use(session({
  secret: 'keyboard cat',
  resave: false,
  saveUninitialized: true,
  store: mongoStore, // Use MongoDB store
  cookie: { secure: true } // Require HTTPS
}));

// ... rest of your express app setup ...

const options = {
  key: fs.readFileSync('path/to/private.key'),
  cert: fs.readFileSync('path/to/certificate.crt')
};

https.createServer(options, app).listen(3000, () => {
  console.log('HTTPS server running on port 3000');
});

In the advanced example, connect-mongodb-session is used to store session data in MongoDB, which means the sessions will persist even if the Node.js application restarts. Additionally, an HTTPS server is created using the https module to ensure that the secure cookie flag can be set, which makes sessions more secure by sending the cookie only over HTTPS.

9. Security Best Practices:

Employ security best practices using modules like helmet and cors to protect the app from common web vulnerabilities.

Security Best Practices:

Implementing security best practices is essential to protect a web application from common threats and vulnerabilities. Using modules like helmet to set various HTTP headers and cors to enable CORS (Cross-Origin Resource Sharing) with various options can significantly enhance the security posture of an application.

Basic Example:

For basic security enhancements in an Express.js application, you can use helmet, which is a collection of middleware functions that set HTTP response headers to provide a layer of security.

Here's how you can integrate helmet into your Express app:

• Import and apply helmet to the application.
• Start the server and listen on a port.

import express from 'express';
import helmet from 'helmet';

const app = express();

// Use helmet for security best practices
app.use(helmet());

// Define a simple GET route
app.get('/', (req, res) => {
  res.send('Hello, secure world!');
});

// Start the server
app.listen(3000, () => {
  console.log('Server is running on port 3000 with basic security enhancements.');
});

Advanced Example:

In addition to helmet, using cors middleware allows you to configure Cross-Origin Resource Sharing, which is crucial for defining which client domains are permitted to access your server resources.

For an advanced setup, you might customize helmet and cors with specific options tailored to your application's needs, and use other practices like rate limiting.

Here's a more advanced security setup:

• Customize helmet options for specific security policies.
• Configure cors for more granular control over cross-origin requests.
• Implement additional security measures like rate limiting.

import express from 'express';
import helmet from 'helmet';
import cors from 'cors';
import rateLimit from 'express-rate-limit';

const app = express();

// Custom helmet configuration
app.use(helmet({
  contentSecurityPolicy: {
    directives: {
      defaultSrc: ["'self'"],
      scriptSrc: ["'self'", "'unsafe-inline'"],
      objectSrc: ["'none'"],
      upgradeInsecureRequests: [],
    },
  },
  // Other custom helmet options...
}));

// CORS configuration for specific origins and methods
app.use(cors({
  origin: 'https://example.com', // allow only example.com to access resources
  methods: ['GET', 'POST'], // allow only GET and POST methods
  allowedHeaders: ['Content-Type', 'Authorization'],
  // Other cors options...
}));

// Rate limiting to protect against brute-force attacks
const limiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
});

// Apply the rate limiting middleware to all requests
app.use(limiter);

// Define a secure GET route
app.get('/secure-data', (req, res) => {
  res.send('This is secure data.');
});

// Start the server
app.listen(3000, () => {
  console.log('Server is running on port 3000 with advanced security enhancements.');
});

In the advanced example:

• helmet is configured with specific security policies, such as enforcing a content security policy.
• cors is configured to only allow certain origins and HTTP methods, providing finer control over who can access your server.
• express-rate-limit middleware is set up to prevent too many requests from the same IP in a short time frame, mitigating the risk of DDoS attacks and brute-force attempts.

10. Logging:

Integrate logging mechanisms using libraries like morgan or winston to keep track of requests and errors, which is essential for debugging and monitoring.

Logging:

Logging is an essential aspect of any application. It helps in monitoring the application, debugging issues, and keeping track of the system's behavior. In Node.js applications, logging libraries such as morgan for HTTP request logging and winston for general-purpose logging are widely used.

Basic Logging with Morgan Example Code Explanation:

import express from 'express';
import morgan from 'morgan';

const app = express();

// Use morgan middleware for logging HTTP requests
app.use(morgan('dev'));

app.get('/', (req, res) => {
  res.send('Hello, world!');
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In this basic example:

• We import express for creating the server and morgan for logging.
• The morgan middleware is added to the Express app with the 'dev' format, which is a predefined log output format that includes concise output colored by response status for development use.
• When the server receives a request, morgan logs the details of the request to the console.

Advanced Logging with Winston Example Code Explanation:

import express from 'express';
import { createLogger, format, transports } from 'winston';
import morgan from 'morgan';

const app = express();

// Create a Winston logger
const logger = createLogger({
  level: 'info',
  format: format.combine(format.timestamp(), format.json()),
  transports: [
    new transports.Console(),
    new transports.File({ filename: 'app.log' }) // Log to a file
  ],
});

// Create a stream object with a 'write' function that will be used by `morgan`
const stream = {
  write: (message: string) => {
    // Use the 'info' log level so the output will be picked up by both transports (console and file)
    logger.info(message.trim());
  },
};

// Use morgan middleware with the custom stream for HTTP requests
app.use(morgan('combined', { stream }));

app.get('/', (req, res) => {
  res.send('Hello, world!');
});

// A route that triggers an error
app.get('/error', (req, res) => {
  throw new Error('This is a forced error.');
});

// Error handling middleware
app.use((err, req, res, next) => {
  logger.error(err.stack); // Log the error stack
  res.status(500).send('Something went wrong!');
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the advanced example:

• We create a winston logger that logs to both the console and a file named app.log.
• The morgan middleware is set up with a custom stream, which uses winston to log HTTP requests. The combined format provides detailed log output.
• We add a route that intentionally throws an error to demonstrate error logging.
• An error handling middleware is defined at the end, which logs the error stack using winston.
• The winston logger provides a more flexible and robust logging setup that can be customized for various environments and logging levels.

11. Environment Configuration:

Manage environment-specific configurations using dotenv to load environment variables from a .env file.

To manage environment-specific configurations in an Express application using TypeScript, you typically use the dotenv library to load variables from a .env file into process.env. Here's how you can do it:

Basic Setup with dotenv:

First, install the necessary package:

npm install dotenv

Then, create a .env file in the root of your project with some environment variables:

PORT=3000
GREETING=Hello World

Here's the basic server setup in TypeScript:

import express, { Application, Request, Response } from 'express';
import dotenv from 'dotenv';

// Load environment variables from .env file
dotenv.config();

const app: Application = express();
const PORT = process.env.PORT;

app.get('/', (req: Request, res: Response) => {
  res.send(process.env.GREETING);
});

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In this basic example, we use dotenv.config() to load the configuration from the .env file, and then we can access these variables through process.env.

Advanced Setup with dotenv and Different Environments:

For an advanced setup, you may want to have different .env files for different environments (e.g., .env.development, .env.test, .env.production). You can configure dotenv to load the appropriate file based on the current NODE_ENV:

npm install dotenv

Create different .env files for your environments:

# .env.development
PORT=3000
GREETING=Hello from Development

# .env.production
PORT=8080
GREETING=Hello from Production

Here's the advanced server setup in TypeScript:

import express, { Application, Request, Response } from 'express';
import dotenv from 'dotenv';
import fs from 'fs';
import path from 'path';

// Determine the environment and load the appropriate .env file
const ENVIRONMENT = process.env.NODE_ENV || 'development';
const envConfigPath = path.resolve(__dirname, `.env.${ENVIRONMENT}`);
if (fs.existsSync(envConfigPath)) {
  dotenv.config({ path: envConfigPath });
} else {
  dotenv.config(); // Load the default .env file
}

const app: Application = express();
const PORT = process.env.PORT;

app.get('/', (req: Request, res: Response) => {
  res.send(process.env.GREETING);
});

app.listen(PORT, () => {
  console.log(`Server is running in ${ENVIRONMENT} mode on port ${PORT}`);
});

In the advanced example, we check if a .env file corresponding to the NODE_ENV environment variable exists. If it does, we load that; otherwise, we fall back to the default .env file. This allows you to have separate configurations for development, testing, and production environments.

In both cases, make sure to include dotenv early in your application entry point before accessing any environment variables.

12. API Rate Limiting:

Control the rate of API requests using express-rate-limit to protect against brute-force attacks and other abusive behaviors targeting the API.

API Rate Limiting:

Rate limiting is a technique used to control the amount of incoming requests to a server. By limiting the rate, you can protect your API from overuse and abuse, such as brute-force attacks.

Basic API Rate Limiting Example: Using express-rate-limit, you can easily set up basic rate limiting on your Express.js application.

const express = require('express');
const rateLimit = require('express-rate-limit');

const app = express();

// Apply rate limiting to all requests
const limiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100 // limit each IP to 100 requests per windowMs
});

app.use(limiter);

app.get('/', (req, res) => {
  res.send('Hello World!');
});

app.listen(3000, () => {
  console.log('Server listening on port 3000');
});

In this simple example, the express-rate-limit middleware is applied globally to all routes. It limits each IP address to 100 requests every 15 minutes.

Advanced API Rate Limiting Example: For a more complex scenario, you might want to apply different rate limits to different routes or set up a dynamic rate limit based on user subscription level or other criteria.

const express = require('express');
const rateLimit = require('express-rate-limit');

const app = express();

// Standard users rate limit
const userLimiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100 // limit each IP to 100 requests per windowMs
});

// Premium users rate limit
const premiumLimiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 1000 // limit each IP to 1000 requests per windowMs
});

// Apply standard rate limiting to all requests
app.use(userLimiter);

// Apply different rate limiting to premium route
app.get('/api/premium', premiumLimiter, (req, res) => {
  res.send('Welcome to the premium API!');
});

app.get('/api/standard', (req, res) => {
  res.send('Accessing the standard API');
});

app.listen(3000, () => {
  console.log('Server listening on port 3000');
});

In this advanced example, two different rate limiters are created. The userLimiter is applied globally, while the premiumLimiter is applied only to the premium API route. This allows you to offer higher rate limits for premium users or different types of requests. You could further customize this by tying the rate limits to user accounts or API keys and dynamically setting the limits based on the user's plan or other attributes.

13. Database Integration:

Integrate databases using ORMs like Sequelize or Mongoose, which provide TypeScript support for type safety and productivity.

Database Integration:

Database integration in an application involves connecting to a database to perform CRUD (Create, Read, Update, Delete) operations. Object-Relational Mapping (ORM) tools like Sequelize for SQL databases or Mongoose for MongoDB can greatly simplify this process, especially with TypeScript's type safety features.

Basic Example with Mongoose:

To integrate MongoDB with a Node.js application using Mongoose, you define models that represent collections in your database and use these models to interact with the data.

Here's a basic example of integrating Mongoose with TypeScript:

• Install and import Mongoose.
• Connect to the MongoDB database.
• Define a Mongoose schema and model.
• Use the model to interact with the database.

import mongoose from 'mongoose';

// Connect to MongoDB
mongoose.connect('mongodb://localhost:27017/mydatabase');

// Define a schema
const userSchema = new mongoose.Schema({
  name: String,
  email: String,
  age: Number
});

// Create a model based on the schema
const User = mongoose.model('User', userSchema);

// Using the model to interact with the database
const createUser = async (userData) => {
  const user = new User(userData);
  await user.save();
  console.log('User created:', user);
};

// Call the function with a user object
createUser({ name: 'Jane Doe', email: 'jane@example.com', age: 30 });

Advanced Example with Sequelize:

Sequelize is a promise-based ORM for SQL databases. It supports TypeScript and can be used to define models for your tables, then use those models to perform database operations.

Here's how you might set up Sequelize with TypeScript:

• Install Sequelize and the corresponding typings.
• Configure Sequelize to connect to your SQL database.
• Define models and use TypeScript interfaces for type safety.
• Perform database operations using Sequelize methods.

import { Sequelize, Model, DataTypes } from 'sequelize';

// Create a new Sequelize instance
const sequelize = new Sequelize('sqlite::memory:'); // For demonstration, using SQLite

// Define a TypeScript interface for our model attributes
interface UserAttributes {
  id: number;
  name: string;
  email: string;
}

// Extend the Model class for type safety
class User extends Model<UserAttributes> implements UserAttributes {
  public id!: number; // Non-null assertion for TypeScript
  public name!: string;
  public email!: string;
}

// Initialize the model
User.init({
  id: {
    type: DataTypes.INTEGER.UNSIGNED,
    autoIncrement: true,
    primaryKey: true,
  },
  name: {
    type: new DataTypes.STRING(128),
    allowNull: false,
  },
  email: {
    type: new DataTypes.STRING(128),
    allowNull: false,
  },
}, {
  tableName: 'users',
  sequelize, // Pass the Sequelize instance
});

// Sync the model with the database
sequelize.sync({ force: true }).then(() => {
  console.log('Database & tables created!');
});

// Using the model to interact with the database
const createAndFindUser = async () => {
  // Create a new user
  await User.create({ name: 'John Doe', email: 'john@example.com' });

  // Find a user by name
  const user = await User.findOne({ where: { name: 'John Doe' } });
  if (user) {
    console.log('User found:', user.name);
  }
};

// Call the function to test create and find operations
createAndFindUser();

In the advanced Sequelize example:

• A new Sequelize instance is created and connected to a SQLite in-memory database for simplicity.
• The User class extends Model and includes a TypeScript interface for type safety.
• The model is initialized with data types and table configuration.
• Sequelize's sync method is called to create the table according to the model definition.
• Functions are defined to create a new user and find a user, demonstrating the use of the model for database operations.

14. Authentication:

Implement authentication using passport with various strategies like JWT, OAuth, or session-based authentication.

Authentication:

Authentication in web applications is about verifying the identity of a user. It's a crucial part of any secure web application. Passport is a middleware for Node.js that can be used with Express and provides a wide range of strategies for authentication, including JWT (JSON Web Tokens), OAuth (for using external providers like Google, Facebook, etc.), and session-based authentication.

Basic Passport with Local Strategy Example Code Explanation:

import express from 'express';
import passport from 'passport';
import { Strategy as LocalStrategy } from 'passport-local';

const app = express();

// Configure Passport to use the Local Strategy
passport.use(new LocalStrategy(
  (username, password, done) => {
    // Here you would find the user in your database
    // and check the password
    const user = { id: 1, username: 'john_doe' }; // This is a placeholder

    // If the credentials are correct, call done with the user object
    // If the credentials are incorrect, call done with false
    // If there is an error, call done with the error
    return done(null, user);
  }
));

app.use(express.urlencoded({ extended: true }));
app.use(passport.initialize());

app.post('/login',
  passport.authenticate('local', { failureRedirect: '/login' }),
  (req, res) => {
    res.redirect('/'); // On success, redirect to the home page
  }
);

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the basic example:

• We configure Passport to use the Local Strategy for username and password authentication.
• A dummy user object is used to simulate a database retrieval.
• When the /login route is hit, Passport authenticates the user. If the login fails, it redirects to /login, otherwise, it redirects to the home page.

Advanced Passport with JWT Strategy Example Code Explanation:

import express from 'express';
import passport from 'passport';
import passportJWT from 'passport-jwt';

const app = express();
const JWTStrategy = passportJWT.Strategy;
const ExtractJWT = passportJWT.ExtractJwt;

// This secret key would typically be an environment variable
const secretKey = 'your_secret_key';

// Configure Passport to use the JWT Strategy
passport.use(new JWTStrategy({
    jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
    secretOrKey: secretKey
  },
  (jwtPayload, done) => {
    // Here you would find the user by the id in the JWT payload
    // and return the user object or an error
    const user = { id: jwtPayload.sub, username: jwtPayload.username }; // This is a placeholder

    return done(null, user);
  }
));

app.use(express.json());
app.use(passport.initialize());

app.get('/protected',
  passport.authenticate('jwt', { session: false }),
  (req, res) => {
    res.send('You accessed a protected route!');
  }
);

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the advanced example:

• We use Passport's JWT Strategy for authentication.
• The JWT token is expected as a Bearer token in the Authorization header of the request.
• The jwtPayload is extracted from the token, and you would typically query your database for the user using the sub claim as the user's unique identifier.
• The /protected route demonstrates how to protect routes. The Passport JWT middleware checks for a valid JWT token, and if the request is authenticated, it allows access to the route.
• This method does not use sessions, as the JWT contains all the necessary user information, which is a stateless approach to authentication.

15. File Upload:

Handle file uploads using multer middleware, configuring it to work with TypeScript for type checking file uploads and handling.

To handle file uploads in an Express application with TypeScript, you can use multer, a middleware for handling multipart/form-data, typically used for uploading files.

Basic File Upload with Multer and TypeScript:

First, install the necessary packages:

npm install express multer
npm install --save-dev @types/express @types/multer

Here's a simple server setup in TypeScript that allows file uploads to a directory named uploads:

import express, { Application, Request, Response } from 'express';
import multer from 'multer';
import path from 'path';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Set up storage
const storage = multer.diskStorage({
  destination: (req, file, callback) => {
    callback(null, 'uploads/');
  },
  filename: (req, file, callback) => {
    callback(null, file.fieldname + '-' + Date.now() + path.extname(file.originalname));
  }
});

// Initialize upload
const upload = multer({ storage: storage });

// Single file upload route
app.post('/upload', upload.single('myFile'), (req: Request, res: Response) => {
  if (!req.file) {
    return res.status(400).send('No file uploaded.');
  }
  res.send(`File uploaded successfully: ${req.file.filename}`);
});

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In this basic example, we configure multer to save uploaded files in the uploads directory with a unique filename.

Advanced File Upload with Multer, TypeScript, and Additional Checks:

For an advanced setup, you might want to add file type validation, handle multiple files, and provide more detailed response messages.

import express, { Application, Request, Response } from 'express';
import multer, { FileFilterCallback } from 'multer';
import path from 'path';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Set up storage and file filter for file type validation
const storage = multer.diskStorage({
  destination: (req, file, callback) => {
    callback(null, 'uploads/');
  },
  filename: (req, file, callback) => {
    callback(null, new Date().toISOString() + '-' + file.originalname);
  }
});

const fileFilter = (req: Request, file: Express.Multer.File, callback: FileFilterCallback) => {
  // Accept images only
  if (!file.originalname.match(/\.(jpg|jpeg|png|gif)$/)) {
    return callback(new Error('Only image files are allowed!'), false);
  }
  callback(null, true);
};

const upload = multer({ storage: storage, fileFilter: fileFilter });

// Multiple file upload route
app.post('/upload-multiple', upload.array('myFiles', 5), (req: Request, res: Response) => {
  const files = req.files as Express.Multer.File[];
  if (!files || files.length === 0) {
    return res.status(400).send('No files uploaded.');
  }
  const fileNames = files.map(file => file.filename).join(', ');
  res.send(`Files uploaded successfully: ${fileNames}`);
});

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In the advanced example, we create a storage configuration similar to the basic example but add a fileFilter function to only allow image uploads. We also use upload.array to handle multiple file uploads with a limit of 5 files.

These examples provide a foundation for handling file uploads with TypeScript in Express. They can be expanded with more features like error handling, file size limits, and dynamic storage options depending on the application's requirements.

16. Compression:

Enable response compression using the compression middleware to improve performance by reducing the size of the response body.

Compression:

Response compression in web applications can significantly reduce the size of the response body and improve the speed of web page loading times for users. It's a standard practice for improving web performance, especially for high-traffic sites.

Basic Compression Example: Here's how to use the compression middleware in a basic Express.js application to compress response bodies for all requests.

const express = require('express');
const compression = require('compression');

const app = express();

// Enable all response compression
app.use(compression());

app.get('/', (req, res) => {
  res.send('This is a compressed response!');
});

app.listen(3000, () => {
  console.log('Server listening on port 3000');
});

In this simple example, the compression middleware is added before any routes are defined, which ensures that all responses are compressed when sent to the client, provided the client supports it.

Advanced Compression Example: For a more advanced setup, you might want to configure the compression middleware with specific options, or conditionally apply compression based on the request or response.

const express = require('express');
const compression = require('compression');

const app = express();

// Compression middleware with options
const shouldCompress = (req, res) => {
  if (req.headers['x-no-compression']) {
    // Don't compress responses with this request header
    return false;
  }

  // Fallback to standard compression
  return compression.filter(req, res);
};

app.use(compression({
  filter: shouldCompress,
  threshold: 1024 // Only compress responses that are larger than 1KB
}));

app.get('/', (req, res) => {
  // Generates a large response body to trigger compression
  const largeResponse = 'This is a compressed response! '.repeat(1000);
  res.send(largeResponse);
});

app.get('/no-compression', (req, res) => {
  res.set('x-no-compression', 'true');
  res.send('This response will not be compressed.');
});

app.listen(3000, () => {
  console.log('Server listening on port 3000');
});

In this advanced example, the compression middleware is configured with a custom filter function, shouldCompress, which checks for a custom request header x-no-compression. If this header is present, the response will not be compressed. Additionally, a threshold option is set so that only responses larger than 1KB are compressed. This is useful for not wasting CPU resources to compress tiny responses that wouldn't benefit much from compression.

17. Testing:

Write unit and integration tests using testing frameworks like Jest or Mocha with TypeScript for better maintainability and error checking.

Testing:

Writing tests for your application ensures that your code works as expected and helps prevent future changes from breaking existing functionality. Jest is a popular testing framework that works well with TypeScript, offering both unit and integration testing capabilities.

Basic Example with Jest:

To write unit tests with Jest and TypeScript, you need to set up Jest to work with TypeScript, write test cases for your functions or components, and run the tests to verify the behavior of your code.

Here's a basic setup and example of a unit test with Jest and TypeScript:

• Install Jest and the necessary TypeScript typings and transformer (ts-jest).
• Write a simple function to test.
• Create a test file with a test case for the function.

// sum.ts - A simple module to test
export const sum = (a: number, b: number): number => {
  return a + b;
};

// sum.test.ts - Jest test for the sum function
import { sum } from './sum';

test('adds 1 + 2 to equal 3', () => {
  expect(sum(1, 2)).toBe(3);
});

To run this test, you would have a Jest configuration file that includes TypeScript support, and then you would execute Jest through your command line or npm scripts.

Advanced Example with Jest for Integration Testing:

Integration tests verify that different parts of the application work together as expected. With Jest, you can write tests that interact with a test database, test server responses, or test that different modules work together correctly.

Here's an advanced integration test example:

• Set up a test environment with a database or mock objects/services.
• Write tests that cover scenarios involving multiple modules or systems working together.

// userController.ts - A module to test with database operations
import { User } from './models/User'; // Assume this is a Sequelize model

export const createUser = async (username: string, email: string) => {
  const user = await User.create({ username, email });
  return user;
};

// userController.test.ts - Integration test for userController
import { sequelize } from './sequelize'; // Assume this is your Sequelize instance
import { createUser } from './userController';

// Mock data for testing
const username = 'testuser';
const email = 'test@example.com';

describe('User Controller Integration Tests', () => {
  // Before all tests run, set up the database
  beforeAll(async () => {
    await sequelize.sync({ force: true });
  });

  // Test the creation of a user
  it('should create a new user', async () => {
    const user = await createUser(username, email);
    expect(user.username).toBe(username);
    expect(user.email).toBe(email);
  });

  // After all tests run, close the database connection
  afterAll(async () => {
    await sequelize.close();
  });
});

In the advanced example:

• A test suite is set up to test the userController module.
• beforeAll is used to set up the database before any tests are run.
• An integration test case is written to test the createUser function from the userController, checking if the user is created correctly in the database.
• afterAll is used to clean up resources, such as closing the database connection after all tests have run.

Running integration tests often involves setting up a test environment similar to the production environment, including databases, external services, and any other infrastructure your application relies on.

18. Structured Logging:

Create structured logs (in JSON format) that can be easily monitored and analyzed. Structured logging is crucial for production-grade applications.

Structured Logging:

Structured logging is about creating logs in a consistent, predefined format, which typically is JSON. This format allows logs to be easily parsed, monitored, and analyzed by logging systems or services.

Basic Structured Logging with console.log Example Code Explanation:

// A basic structured logging function that logs in JSON format
function logStructuredMessage(level: string, message: string, metadata: object) {
  const logEntry = {
    timestamp: new Date().toISOString(),
    level: level,
    message: message,
    ...metadata,
  };
  console.log(JSON.stringify(logEntry));
}

// Usage example
logStructuredMessage('info', 'User login attempt', { username: 'john_doe' });

In the basic example:

• We define a logStructuredMessage function that constructs a log entry as an object with a timestamp, log level, message, and additional metadata.
• We then convert this log entry object into a JSON string using JSON.stringify and output it using console.log.
• This approach is simple and doesn't require additional libraries, but it's less flexible and might not be suitable for more complex logging needs.

Advanced Structured Logging with Winston Example Code Explanation:

import { createLogger, format, transports } from 'winston';

// Create a Winston logger for structured JSON logging
const logger = createLogger({
  // Define the format of the log
  format: format.combine(
    format.timestamp(),
    format.json()
  ),
  // Define the transports (where to log)
  transports: [
    new transports.Console(), // Log to the console
    new transports.File({ filename: 'app.log' }) // Also log to a file
  ],
});

// Usage example
logger.info('User login attempt', { username: 'john_doe' });

In the advanced example:

• We use the winston library to create a logger with a predefined format.
• The format.combine method is used to combine multiple logging formats; here we use format.timestamp to add a timestamp and format.json to output the log as JSON.
• We define two transports: Console to log to the terminal and File to also save the logs to a file named 'app.log'.
• To create a log entry, we call the logger.info method (or other methods like logger.error, logger.warn, etc., depending on the level of logging required), passing the message and an object containing any additional metadata.
• This structured approach is highly beneficial for production-grade applications as it allows for easy integration with log management and analysis tools.

19. Dependency Injection:

Use dependency injection techniques to write testable and maintainable code, with libraries like inversify.

Dependency Injection (DI) is a design pattern that allows a program to remove hard-coded dependencies and makes it possible to change them, whether at runtime or compile time. This can be used to great effect in TypeScript applications, particularly with Node.js and Express. One popular library for implementing DI in TypeScript is inversify.

Basic Dependency Injection with Inversify and TypeScript:

First, install the necessary packages:

npm install express inversify inversify-express-utils reflect-metadata
npm install --save-dev @types/express @types/node

Then, ensure you enable experimentalDecorators and emitDecoratorMetadata in your tsconfig.json:

{
  "compilerOptions": {
    "target": "ES5",
    "module": "commonjs",
    "experimentalDecorators": true,
    "emitDecoratorMetadata": true
  }
}

Here's a basic setup using Inversify in TypeScript:

import 'reflect-metadata';
import { Container, injectable, inject } from 'inversify';
import { interfaces, InversifyExpressServer, TYPE } from 'inversify-express-utils';

// Define a service interface
interface IMessageService {
  getMessage(): string;
}

// Define a service that implements the interface
@injectable()
class MessageService implements IMessageService {
  public getMessage(): string {
    return 'Hello from MessageService!';
  }
}

// Bind the service to the interface
const container = new Container();
container.bind<IMessageService>('IMessageService').to(MessageService);

// Create an Express server with Inversify
const server = new InversifyExpressServer(container);
server.setConfig(app => {
  app.use(express.json());
});

// Start the server
const app = server.build();
app.listen(3000, () => {
  console.log('Server running on port 3000');
});

In the basic example, we have a simple service that returns a message. We use Inversify's Container to bind the service implementation to an interface. Then, we create an Express server with InversifyExpressServer and configure it.

Advanced Dependency Injection with Inversify, Controllers, and Middleware:

For an advanced setup, you can define a controller and middleware using Inversify's decorators.

import 'reflect-metadata';
import { Container, injectable, inject } from 'inversify';
import { interfaces, InversifyExpressServer, TYPE, controller, httpGet } from 'inversify-express-utils';

// Define the service interface and implementation as before...

// Define a controller that depends on the IMessageService
@controller('/')
class MessageController implements interfaces.Controller {

  private messageService: IMessageService;

  constructor(@inject('IMessageService') messageService: IMessageService) {
    this.messageService = messageService;
  }

  @httpGet('/')
  public getMessage(): string {
    return this.messageService.getMessage();
  }
}

// Setup container and server as before...

// Start the server
const app = server.build();
app.listen(3000, () => {
  console.log('Server running on port 3000');
});

In the advanced example, we've added a controller that uses the @controller and @httpGet decorators from inversify-express-utils to define a route. The MessageService is injected into the controller through the constructor, demonstrating how dependency injection separates the instantiation of a class from its use.

Using DI frameworks like Inversify in TypeScript can greatly enhance testability and maintainability by decoupling classes and their dependencies.

20. TypeScript Decorators:

Utilize TypeScript decorators to annotate and modify classes and properties at design time. When used with frameworks like routing-controllers, they can simplify route creation and handler definition.

TypeScript Decorators:

TypeScript decorators are a special kind of declaration that can be attached to a class declaration, method, accessor, property, or parameter. Decorators use the form @expression, where expression must evaluate to a function that will be called at runtime with information about the decorated declaration.

Basic TypeScript Decorator Example: Here's an example of a simple class decorator in TypeScript that logs the fact that a class has been defined.

function logClass(target: Function) {
  console.log(`Class ${target.name} has been created`);
}

@logClass
class User {
  constructor(public name: string, public age: number) {}
}

When you define the User class, the logClass decorator will be invoked, logging the name of the class to the console.

Advanced TypeScript Decorator Example: For a more complex scenario, you might use decorators to define routes in a web application using a framework like routing-controllers.

First, ensure experimentalDecorators and emitDecoratorMetadata are enabled in your tsconfig.json:

{
  "compilerOptions": {
    "target": "ES5",
    "experimentalDecorators": true,
    "emitDecoratorMetadata": true
  }
}

Then, you can use decorators to define your controllers and routes:

import { Controller, Param, Body, Get, Post, Put, Delete } from 'routing-controllers';

@Controller()
class UserController {

  @Get('/users')
  getAll() {
    return 'This action returns all users';
  }

  @Get('/users/:id')
  getOne(@Param('id') id: number) {
    return `This action returns user #${id}`;
  }

  @Post('/users')
  post(@Body() user: any) {
    return 'Saving user...';
  }

  @Put('/users/:id')
  put(@Param('id') id: number, @Body() user: any) {
    return `Updating a user #${id}`;
  }

  @Delete('/users/:id')
  remove(@Param('id') id: number) {
    return `Removing user #${id}`;
  }
}

In this advanced example, the @Controller decorator is used to define a new controller, and method decorators like @Get, @Post, @Put, and @Delete define routes within that controller. Parameter decorators like @Param and @Body are used to access the URL parameters and request body.

Decorators provide a way to add annotations and a meta-programming syntax for class declarations and members. They are powerful for creating abstractions and can be incredibly useful in frameworks that support them.

21. Custom Typings:

Extend Express's request and response objects by creating custom typings. This allows you to add properties or methods, such as user information or utility functions, and maintain type safety.

Custom Typings:

Custom typings in TypeScript allow you to extend existing type definitions, such as those provided by the Express framework. This is particularly useful when you want to add additional properties or methods to the request or response objects in Express, ensuring type safety and IntelliSense support in your IDE.

Basic Example:

For a basic example, you might want to add a user property to the Express Request object to have user information readily available in all route handlers after authentication.

Here's how you can extend the request object in TypeScript:

• Create a new type that extends the existing Request type from Express.
• Use TypeScript's module augmentation to add your custom property.

import { Request, Response, NextFunction } from 'express';

// Define a custom User interface
interface User {
  id: number;
  name: string;
  email: string;
}

// Extend the Express Request interface
declare module 'express-serve-static-core' {
  interface Request {
    user?: User;
  }
}

// Example middleware that adds a user to the request object
const addUserToRequestMiddleware = (req: Request, res: Response, next: NextFunction) => {
  // Your logic to determine the user, possibly from a database or token
  req.user = { id: 1, name: 'John Doe', email: 'john@example.com' };
  next();
};

Advanced Example:

For a more advanced example, you might want to add a utility method to the response object, such as a method to standardize API responses.

Here's how you can extend the response object with custom methods:

• Extend the Response type with your custom method.
• Implement the method in middleware to make it available in route handlers.

import { Request, Response, NextFunction } from 'express';

// Extend the Express Response interface
declare module 'express-serve-static-core' {
  interface Response {
    apiResponse: (status: number, data: any, message?: string) => void;
  }
}

// Middleware that adds the apiResponse method to the response object
const apiResponseMiddleware = (req: Request, res: Response, next: NextFunction) => {
  res.apiResponse = (status: number, data: any, message = 'Success') => {
    res.status(status).json({ status, message, data });
  };
  next();
};

// Example usage in a route handler
const someRouteHandler = (req: Request, res: Response) => {
  // Your route logic here...
  // Instead of res.json, use the standardized apiResponse method
  res.apiResponse(200, { key: 'value' }, 'Data retrieved successfully');
};

In this advanced example:

• A new method apiResponse is added to the Response object using module augmentation.
• A middleware apiResponseMiddleware is created that attaches this method to the response object so it can be used in all subsequent route handlers.
• The apiResponse method takes a status code, data object, and an optional message string, then sends a standardized JSON response to the client.
• This utility method enhances the consistency of API responses and makes it easier to maintain response formats across different parts of the application.

22. Advanced Routing:

Use Express Router to organize your routes into modular, mountable route handlers. TypeScript can help enforce the structure and parameters of these routes.

Advanced Routing:

Advanced routing in Express allows you to organize your code into modular, mountable route handlers. With TypeScript, you can enforce the structure and parameters of these routes for better maintainability and readability.

Basic Express Router Example Code Explanation:

import express, { Request, Response } from 'express';

// Create a new router object
const router = express.Router();

// Define a simple route on the router
router.get('/greet', (req: Request, res: Response) => {
  res.send('Hello, World!');
});

// Create an Express application
const app = express();

// Mount the router on the app
app.use(router);

// Start the application
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the basic example:

• We define a router using express.Router().
• We add a route to the router that responds to GET requests on the /greet path.
• We then mount this router on an Express application using app.use().
• This allows for separation of route handling and makes the codebase cleaner and more manageable.

Advanced Modular Routing with Express and TypeScript Example Code Explanation:

import express, { Request, Response, Router } from 'express';

// Create a new router object for users
const usersRouter = Router();

// Define a route on the users router
usersRouter.get('/:id', (req: Request, res: Response) => {
  // TypeScript enforces the structure of req.params
  const userId = req.params.id;
  res.send(`User ID: ${userId}`);
});

// Create another router for products
const productsRouter = Router();

// Define a route on the products router
productsRouter.get('/:id', (req: Request, res: Response) => {
  // TypeScript enforces the structure of req.params
  const productId = req.params.id;
  res.send(`Product ID: ${productId}`);
});

// Create an Express application
const app = express();

// Mount the routers on the app under different paths
app.use('/users', usersRouter);
app.use('/products', productsRouter);

// Start the application
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

In the advanced example:

• We create two separate routers: usersRouter and productsRouter.
• Each router defines routes that are specific to the entity it represents (users or products).
• The :id in the route path is a route parameter that Express parses from the URL; TypeScript can enforce that this parameter is a string.
• We mount these routers on different paths in the main Express application, which provides a namespace for the routes (/users and /products).
• This modular approach is scalable and makes the codebase more organized, especially as the application grows. It also helps in maintaining separation of concerns.

23. Handling Promises and Errors in Middleware:

Craft middleware that returns promises and ensure that errors within these promises are correctly caught and passed to Express's error-handling middleware.

Handling promises and errors effectively in middleware is crucial for building robust Express applications. Below are examples demonstrating how to handle asynchronous operations and errors within middleware in both a basic and advanced context using TypeScript.

Basic Promise Handling and Error Propagation in Middleware:

import express, { Application, Request, Response, NextFunction } from 'express';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Asynchronous middleware that returns a promise
const asyncMiddleware = (req: Request, res: Response, next: NextFunction) => {
  new Promise((resolve, reject) => {
    // Simulate some async operation
    setTimeout(() => {
      const result = 'Async operation complete';
      resolve(result);
    }, 1000);
  })
  .then((result) => {
    // Pass result to the next middleware or route
    req.body.asyncResult = result;
    next();
  })
  .catch(next); // Error handling: pass any caught errors to the next error handling middleware
};

app.use(asyncMiddleware);

// Route that uses the result from the asyncMiddleware
app.get('/', (req: Request, res: Response) => {
  res.send(req.body.asyncResult);
});

// Error handling middleware
app.use((err: any, req: Request, res: Response, next: NextFunction) => {
  console.error(err);
  res.status(500).send('An error occurred');
});

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In the basic example, we've created an asynchronous middleware that performs an asynchronous operation within a Promise. If the operation is successful, it attaches the result to the req object and calls next() to proceed to the next middleware or route handler. If an error occurs, it's caught and passed along to the error-handling middleware using next.

Advanced Promise Handling and Error Propagation in Middleware:

For an advanced setup, you might incorporate more sophisticated promise-based operations, such as database queries or external API calls, with additional error handling:

import express, { Application, Request, Response, NextFunction } from 'express';
import axios from 'axios';

const app: Application = express();
const PORT = process.env.PORT || 3000;

// Asynchronous middleware that performs a database query or external API call
const fetchDataMiddleware = async (req: Request, res: Response, next: NextFunction) => {
  try {
    const response = await axios.get('https://jsonplaceholder.typicode.com/todos/1');
    req.body.todo = response.data;
    next();
  } catch (error) {
    next(error);
  }
};

app.use(fetchDataMiddleware);

// Route that uses the data fetched by fetchDataMiddleware
app.get('/', (req: Request, res: Response) => {
  res.json(req.body.todo);
});

// Error handling middleware
app.use((err: any, req: Request, res: Response, next: NextFunction) => {
  console.error(err);
  // Determine if it's an Axios error
  if (err.response) {
    // Respond with the status code from the external API if available
    res.status(err.response.status).send(err.response.data);
  } else {
    // Generic error response
    res.status(500).send('An internal error occurred');
  }
});

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
});

In the advanced example, we use an async function for the middleware to perform an HTTP GET request using axios. We handle both the successful response and any errors with try/catch. Errors are passed to the next error handling middleware, providing a way to respond with specific details if the error originates from the external API call.

These examples should give you a good understanding of how to work with promises and handle errors within Express middleware, while also demonstrating how TypeScript can be used to ensure type safety and catch potential issues at compile time.

24. Implementing RESTful Services:

Adopt REST principles to design and implement services with clear, standard-conforming endpoints. TypeScript interfaces can define the expected request and response structures for these services.

Implementing RESTful Services:

RESTful services are designed around the principles of REST (Representational State Transfer), which emphasize a stateless client-server architecture where each HTTP request contains all the information needed to execute the request. REST uses standard HTTP methods and status codes to make the APIs easy to understand and use.

Basic RESTful Service Example: Here's a basic example of a RESTful service in TypeScript that defines a simple CRUD API for managing users. The example uses TypeScript interfaces to define the shape of data.

import express from 'express';
import { Request, Response } from 'express';

// Define interfaces for the request and response data structures
interface User {
  id: number;
  name: string;
  email: string;
}

// Mock database
const users: User[] = [
  { id: 1, name: 'John Doe', email: 'john@example.com' }
];

const app = express();
app.use(express.json());

// GET all users
app.get('/users', (req: Request, res: Response) => {
  res.status(200).json(users);
});

// GET a single user by ID
app.get('/users/:id', (req: Request, res: Response) => {
  const user = users.find(u => u.id === parseInt(req.params.id));
  if (user) {
    res.status(200).json(user);
  } else {
    res.status(404).send('User not found');
  }
});

// POST a new user
app.post('/users', (req: Request, res: Response) => {
  const newUser: User = req.body;
  users.push(newUser);
  res.status(201).json(newUser);
});

// PUT update a user by ID
app.put('/users/:id', (req: Request, res: Response) => {
  const index = users.findIndex(u => u.id === parseInt(req.params.id));
  if (index >= 0) {
    const updatedUser: User = req.body;
    users[index] = updatedUser;
    res.status(200).json(updatedUser);
  } else {
    res.status(404).send('User not found');
  }
});

// DELETE a user by ID
app.delete('/users/:id', (req: Request, res: Response) => {
  const index = users.findIndex(u => u.id === parseInt(req.params.id));
  if (index >= 0) {
    users.splice(index, 1);
    res.status(204).send(); // No content
  } else {
    res.status(404).send('User not found');
  }
});

app.listen(3000, () => {
  console.log('Server started on port 3000');
});

Advanced RESTful Service Example: For a more advanced scenario, you might use a framework like routing-controllers along with typeorm for database interaction. The following example assumes that you have set up typeorm with a User entity.

import 'reflect-metadata';
import { createExpressServer, Body, Param, JsonController, Get, Post, Put, Delete } from 'routing-controllers';
import { getRepository } from 'typeorm';
import { User } from './entity/User';

@JsonController('/users')
class UserController {
  private userRepository = getRepository(User);

  @Get()
  async getAll() {
    const users = await this.userRepository.find();
    return users;
  }

  @Get('/:id')
  async getOne(@Param('id') id: number) {
    const user = await this.userRepository.findOne(id);
    return user;
  }

  @Post()
  async post(@Body() user: User) {
    const newUser = await this.userRepository.save(user);
    return newUser;
  }

  @Put('/:id')
  async put(@Param('id') id: number, @Body() user: Partial<User>) {
    await this.userRepository.update(id, user);
    return await this.userRepository.findOne(id);
  }

  @Delete('/:id')
  async remove(@Param('id') id: number) {
    await this.userRepository.delete(id);
    return 'User deleted';
  }
}

const app = createExpressServer({
  controllers: [UserController]
});

app.listen(3000, () => {
  console.log('Server started on port 3000');
});

In this advanced example, routing-controllers provides decorators that map class methods to RESTful endpoints, and typeorm is used to handle database operations. This approach leads to much cleaner and more declarative code that separates concerns and adheres to REST principles.

25. Real-time Communication:

Integrate WebSocket communication with libraries like socket.io for real-time features in your Express application. TypeScript can help define the shape of the data being sent and received, ensuring consistency and reliability in real-time communication.

Real-time Communication:

Real-time communication in web applications allows for live updates and instant interactions between the server and clients. Libraries like socket.io make it easier to implement WebSocket communication, which facilitates bidirectional and low-latency communication over a single, long-lived connection.

Basic Example:

Integrating socket.io with an Express application involves setting up the library to listen for connections and then handling events such as connection, message, and disconnect.

Here's how to set up a basic WebSocket communication with socket.io in TypeScript:

• Install socket.io and its TypeScript definitions.
• Set up socket.io alongside an Express server.
• Handle basic WebSocket events.

import express from 'express';
import { createServer } from 'http';
import { Server } from 'socket.io';

const app = express();
const httpServer = createServer(app);
const io = new Server(httpServer);

// Handle WebSocket connections
io.on('connection', (socket) => {
  console.log('A user connected');

  // Handle receiving a message from the client
  socket.on('message', (message) => {
    console.log('Received message:', message);
  });

  // Handle client disconnection
  socket.on('disconnect', () => {
    console.log('A user disconnected');
  });
});

// Start the HTTP server
httpServer.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Advanced Example:

In more complex applications, you might need to handle structured data, emit events to specific clients, manage rooms or namespaces, and ensure type safety for the data being transmitted.

Here's an advanced setup with structured data and rooms using socket.io:

• Define TypeScript interfaces for the data shapes.
• Use rooms to emit events to subsets of clients.
• Ensure that messages sent and received conform to the defined TypeScript interfaces.

import express from 'express';
import { createServer } from 'http';
import { Server } from 'socket.io';

interface ChatMessage {
  username: string;
  message: string;
}

const app = express();
const httpServer = createServer(app);
const io = new Server(httpServer);

io.on('connection', (socket) => {
  // Join a room
  socket.on('joinRoom', (room) => {
    socket.join(room);
    console.log(`User joined room: ${room}`);
  });

  // Handle chat messages
  socket.on('chatMessage', (msg: ChatMessage) => {
    io.to(msg.room).emit('chatMessage', msg); // Emit to all clients in the room
  });

  // Leave the room if the user disconnects
  socket.on('disconnect', () => {
    socket.rooms.forEach((room) => {
      socket.leave(room);
    });
    console.log('User disconnected and left the rooms');
  });
});

httpServer.listen(3000, () => {
  console.log('Server with real-time communication is running on port 3000');
});

In the advanced example:

• TypeScript interfaces are used to define the structure of the data for chat messages, enforcing type safety for the chatMessage event.
• Clients can join and leave rooms, which are ways to segregate clients into groups for targeted broadcasting.
• The server listens for joinRoom and chatMessage events and handles them appropriately, including broadcasting messages to all clients in a specific room.