Node and Express are the runtime and HTTP framework for your API. Topics here cover bootstrapping the app, parsing JSON bodies, and structured logging—everything that runs before a route handler executes. Master this layer first so later routers and controllers plug into a consistent foundation.

How to enable CORS — Basic — app-wide

Apply the cors middleware on the Express app so all routes allow cross-origin requests.
Learn: Browsers block cross-origin API calls unless the server sends CORS headers. App-wide CORS is simplest when a single frontend origin talks to your API. Tighten options in production—avoid `origin: '*'` if cookies or credentials matter.

Supplementary examples

Default CORS for all routes

const cors = require("cors");
app.use(cors());

Restrict to one frontend origin

app.use(
  cors({
    origin: process.env.FRONTEND_URL || "http://localhost:3000",
    credentials: true,
  })
);

Course example

const logger = require("./config/logger");
const app = express();
app.use(logger);
app.use(cors());
app.use(express.json());
// Some code omitted for brevity

Additional references & examples

← All Application-level middleware · Node / Express