Node and Express are the runtime and HTTP framework for your API. Topics here cover bootstrapping the app, parsing JSON bodies, and structured logging—everything that runs before a route handler executes. Master this layer first so later routers and controllers plug into a consistent foundation.
Application-level middleware
Matches Application-level middleware: JSON parsing, logging, and app-wide CORS.
Create the Express app instance and register core middleware before defining routes.
Learn: Every Express API starts with a single app instance. Register global middleware (JSON parsing, logging, CORS) before routes so every request is prepared the same way. Keep app.js focused on wiring; move route logic into routers as the project grows.
Register pino-http (or similar) on the app to log each incoming request.
Learn: Request logging answers “what hit the server?” in production. pino-http attaches a logger to each request so handlers can log with context. Place it early in the middleware stack, after body parsers if you log POST bodies sparingly.
Centralize logger setup in a config module with log level and custom request IDs.
Learn: Centralizing logger setup avoids duplicating log level and formatting rules. Use environment variables for LOG_LEVEL in development vs production, and generate a request ID (e.g. nanoid) so log lines for one request can be correlated.
Apply the cors middleware on the Express app so all routes allow cross-origin requests.
Learn: Browsers block cross-origin API calls unless the server sends CORS headers. App-wide CORS is simplest when a single frontend origin talks to your API. Tighten options in production—avoid `origin: '*'` if cookies or credentials matter.