expressjs cheat sheet

Express.js is an npm package, a web framework for Node.js. When we work on a Node.js/Express project we need several packages.

“npm install express” -> it will install the express js module inside the node project. 


Let’s make a simple express js app.

const express = require('express');
const path = require('path');

const app = express();
const port = 3000;

// GET / — plain-text greeting on the default route.
app.get('/', (request, response) => {
    response.send('welcome to home i am shimanta das');
});

// GET /about — serve about.html from this file's directory. The path is built
// from __dirname and a fixed file name, so no request data reaches sendFile().
app.get('/about', (request, response) => {
    const aboutPage = path.join(__dirname, 'about.html');
    response.sendFile(aboutPage);
});

// Start the HTTP server and log the port once it is listening.
app.listen(port, () => {
    console.log('app listen port', port);
});



While working on this app, you have to restart the server every time you change the code. To avoid this, you can use ‘nodemon’.

It is a reloader for Node.js apps: it restarts the application whenever you change its files. You can install it globally: “npm install -g nodemon”


For installing this package locally inside node app: “npm i nodemon”


We can send json responses too.

const express = require('express');

const app = express();
const port = 3000;

// GET / — res.json() serialises the object and sets the JSON content type.
app.get('/', (request, response) => {
    const payload = { name: 'domnick' };
    response.json(payload);
});

// Start the HTTP server and log the port once it is listening.
app.listen(port, () => {
    console.log('app listen port', port);
});


We can send parameters via url

const express = require('express');
const path = require('path');

const app = express();
const port = 3000;

// GET / — fixed JSON acknowledgement.
app.get('/', (request, response) => {
    response.json({ message: 'got it' });
});

// GET /blog/:postName — the ":postName" path segment arrives in req.params.
// It is client-supplied text: echoing it through res.json() is safe, but it
// must be validated before it is used in a query, a file path or HTML.
app.get('/blog/:postName', (request, response) => {
    const { postName } = request.params;
    response.json({ name: postName });
});


We can set optional parameter via url

// GET /blog/:postName/:category? — the trailing "?" marks the category segment
// as optional; when it is absent, "cat" is undefined and is left out of the JSON.
// Both values are client-supplied and must be treated as untrusted input.
app.get('/blog/:postName/:category?', (request, response) => {
    const { postName, category } = request.params;
    response.json({ name: postName, cat: category });
});


We can set static files in the express app. 

“app.use(express.static('static'))”



We can add different routes inside index.js

# index.js

const express = require('express');
const path = require('path');

const app = express();
const port = 3000;

// Everything under ./static is served to any client without authentication,
// so only files meant to be public belong in that directory.
const staticDir = path.join(__dirname, 'static');
app.use(express.static(staticDir));

// GET / — fixed JSON acknowledgement.
app.get('/', (request, response) => {
    response.json({ message: 'i got it' });
});

// Mount the router exported by routes/users.js under the /account prefix.
const accountRoutes = require('./routes/users');
app.use('/account', accountRoutes);

// The listen callback takes no arguments; it only reports that the server is up.
app.listen(port, () => {
    console.log("running");
});



# routes/users.js

const express = require('express');
const path = require('path');

// A Router is a mountable group of routes; index.js mounts it under /account.
const router = express.Router();

// GET /account/ — fixed JSON response for the user page.
router.get('/', (request, response) => {
    response.json({ message: 'user page' });
});

// POST /account/register — send the registration form. The file path is fixed
// relative to this file, so no request data influences which file is read.
router.post('/register', (request, response) => {
    const registerForm = path.join(__dirname, '../forms/register.html');
    response.sendFile(registerForm);
});

module.exports = router;


We can make a POST request and read the body of the request. You can test it with Postman.

const express = require('express');

const app = express();
const port = 3000;

// Body parsers: JSON payloads and URL-encoded form posts both end up in req.body.
app.use(express.json());
app.use(express.urlencoded({ extended: true }));

// POST /register — print the parsed body and acknowledge.
// Logging the raw body is for this demo only: a real registration body carries
// a password, and request bodies should not be written to logs.
app.post('/register', (request, response) => {
    console.log(request.body);
    response.json({ message: 'saved' });
});

// Start the HTTP server and log the port once it is listening.
app.listen(port, () => {
    console.log('app listen port', port);
});


—------------------------------------------------------------------------------------------------------------------------

express.js with mongodb - crud


First build the connection with mongodb


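// Read the connection string from the environment instead of embedding the
// database user and password in source. A connection string that has been
// committed or published should be treated as exposed and its password rotated.
const mongoUri = process.env.MONGODB_URI;

if (!mongoUri) {
    // Fail at start-up rather than run without a database connection.
    throw new Error('MONGODB_URI is not set');
}

mongoose.connect(mongoUri)
    .then(() => {
        console.log("Database connected successfully");
    })
    .catch((error) => {
        // Report why the connection failed; log the message rather than the
        // whole error object, which may carry connection details.
        console.error("Database connection failed:", error.message);
    });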


// Parse JSON request bodies into req.body for the routes below.
app.use(express.json());

// GET / — plain-text landing response for the account service.
app.get('/', (request, response) => {
    response.send('account page');
});



We can register/insert record via mongoose

// schema.js

const mongoose = require('mongoose');

// Shape of an account document: three string fields.
// "unique" asks MongoDB for a unique index on email; it is an index option,
// not a validator, so duplicates surface as a database error on write.
const accountSchema = mongoose.Schema({
    name: { type: String },
    email: { type: String, unique: true },
    address: { type: String },
});

module.exports = accountSchema;



// index.js

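// POST /register — create an account with a bcrypt-hashed password.
// Responds 400 when email or password is missing or not a string, 500 when
// hashing or the database write fails, and "account created!" on success.
app.post('/register', async function (req, res) {
    const body = req.body || {};

    // Only plain strings may reach bcrypt and the database layer; a parsed JSON
    // body can otherwise contain objects or arrays in these positions.
    if (typeof body.email !== 'string' || typeof body.password !== 'string' || body.password.length === 0) {
        return res.status(400).json({ "message": "email and password are required" });
    }

    try {
        // Hashing sits inside the try so a bcrypt failure produces a response
        // instead of an unhandled rejection.
        const salt = await bcrypt.genSalt(saltRounds);
        const hashedPassword = await bcrypt.hash(body.password, salt);

        await User.create({
            name: body.name,
            email: body.email,
            password: hashedPassword,
            phone: body.phone,
        });

        res.json({ "message": "account created!" });
    } catch (err) {
        console.log(err);
        // Always answer: without this the client waits until the socket times out.
        res.status(500).json({ "message": "error" });
    }
});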


Model

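const mongoose = require('mongoose');

// Shape of an account document.
// "unique" asks MongoDB for a unique index on email; it is an index option,
// not a validator, so duplicates surface as a database error on write.
const schema = new mongoose.Schema({
    name: {
        type: String
    },
    email: {
        type: String,
        unique: true,
    },
    // Holds the bcrypt hash produced by the register route, never the plain password.
    password: {
        type: String
    },
    phone: {
        type: BigInt,
    }
});

// mongoose.model() is a factory that returns the model class, so it is called
// without "new". Documents are stored in the "accounts" collection.
const User = mongoose.model('accounts', schema);

module.exports = User;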


Login, Update, Patch & Delete 

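// POST /login — check email and password, then issue access and refresh tokens.
// Responds 401 "invalid credentials" for a malformed body, an unknown email or
// a wrong password (the same answer in all three cases, so the response does
// not reveal which accounts exist), and 500 on an unexpected failure.
app.post('/login', async function (req, res) {
    const access_time = process.env.ACCESS_TOKEN_IN_MINUTES;
    const refresh_time = process.env.REFRESH_TOKEN_IN_MINUTES;
    const body = req.body || {};

    // A parsed JSON body can put an object in "email"; passed to findOne() it
    // would be read as a query operator instead of a value. Accept strings only.
    if (typeof body.email !== 'string' || typeof body.password !== 'string') {
        return res.status(401).json({ "message": "invalid credentials" });
    }

    try {
        const User_obj = await User.findOne({ email: body.email });

        // findOne() resolves to null for an unknown email; compare only when
        // there is a stored hash to compare against.
        const result = User_obj !== null
            && await bcrypt.compare(body.password, User_obj.password);

        if (!result) {
            return res.status(401).json({ "message": "invalid credentials" });
        }

        // NOTE(review): both tokens are built from the same payload and differ
        // only in lifetime here; whether a refresh token can be told apart from
        // an access token depends on Token.generate_jwt, which is not shown.
        const obj = { "email": body.email };
        res.json({
            "message": "credentials match",
            "access_token": Token.generate_jwt(access_time, obj),
            "refresh_token": Token.generate_jwt(refresh_time, obj)
        });
    } catch (err) {
        console.log(err);
        res.status(500).json({ "message": "error" });
    }
});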


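// PUT /update — replace name, email and phone of the account named by the token.
// Expects "Authorization: Bearer <token>". Responds 401 "token expired" when the
// header is missing or the token does not verify, 404 when the account no longer
// exists, 500 on failure, and "record updated" once the document is saved.
app.put('/update', async function (req, res) {
    // A request without the header used to throw on split() outside any try,
    // leaving the async handler with an unhandled rejection and no response.
    const header = req.header('authorization');
    const token = typeof header === 'string' ? header.split(" ")[1] : undefined;

    if (!token) {
        return res.status(401).json({ "message": "token expired" });
    }

    try {
        // Verify once and reuse the result; the value is used as the account's
        // email, so anything other than a non-empty string is rejected.
        const email = Token.verify_jwt(token);
        if (typeof email !== 'string' || email.length === 0) {
            return res.status(401).json({ "message": "token expired" });
        }

        const user = await User.findOne({ "email": email });
        if (!user) {
            return res.status(404).json({ "message": "error" });
        }

        const body = req.body || {};
        user.name = body.name;
        user.email = body.email;
        user.phone = body.phone;

        // Await the write so a validation or duplicate-email error reaches the
        // catch block instead of being reported as success.
        await user.save();

        res.json({ "message": "record updated" });
    } catch (err) {
        console.log(err);
        res.status(500).json({ "message": "error" });
    }
});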


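// PATCH /patch — update whichever of name, email, password and phone are present.
// Expects "Authorization: Bearer <token>". Responds 401 when the header is
// missing or the token does not verify, 404 when the account no longer exists,
// 400 when no updatable field was sent, and 500 on failure. On success the
// message names the updated fields, e.g. "name field updated".
app.patch('/patch', async function (req, res) {
    // Guard the header before split(); a missing header must be a 401, not a throw.
    const header = req.header('authorization');
    const token = typeof header === 'string' ? header.split(" ")[1] : undefined;

    if (!token) {
        return res.status(401).json({ "message": "token expired" });
    }

    try {
        // A failed verification has to stop the request here; otherwise a falsy
        // value would be used as the query filter for the account lookup.
        const email = Token.verify_jwt(token);
        if (typeof email !== 'string' || email.length === 0) {
            return res.status(401).json({ "message": "token expired" });
        }

        const user = await User.findOne({ "email": email });
        if (!user) {
            return res.status(404).json({ "message": "error" });
        }

        const body = req.body || {};
        const updated = [];

        if (body.name) {
            user.name = body.name;
            updated.push("name");
        }

        if (body.email) {
            user.email = body.email;
            updated.push("email");
        }

        if (body.password) {
            // bcrypt needs a string; reject objects or arrays from the JSON body.
            if (typeof body.password !== 'string') {
                return res.status(400).json({ "message": "error" });
            }
            const salt = await bcrypt.genSalt(saltRounds);
            user.password = await bcrypt.hash(body.password, salt);
            updated.push("password");
        }

        if (body.phone) {
            user.phone = body.phone;
            updated.push("phone");
        }

        if (updated.length === 0) {
            return res.status(400).json({ "message": "no fields to update" });
        }

        // One awaited save and one response: answering once per field sent a
        // second response whenever the body carried more than one field.
        await user.save();

        res.json({ "message": updated.join(", ") + " field updated" });
    } catch (err) {
        console.log(err);
        res.status(500).json({ "message": "error" });
    }
});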


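// DELETE /delete — remove the account named by the token.
// Expects "Authorization: Bearer <token>". Responds 401 when the header is
// missing or the token does not verify, 500 when the delete fails, and
// 200 "record deleted" only after the database call has succeeded.
app.delete('/delete', async function (req, res) {
    // Guard the header before split(); a missing header must be a 401, not a throw.
    const header = req.header('authorization');
    const token = typeof header === 'string' ? header.split(" ")[1] : undefined;

    if (!token) {
        return res.status(401).json({ "message": "token expired" });
    }

    try {
        // Never run a delete with an unverified identity: a falsy verification
        // result must not become the filter of deleteOne().
        const email = Token.verify_jwt(token);
        if (typeof email !== 'string' || email.length === 0) {
            return res.status(401).json({ "message": "token expired" });
        }

        // Plain await: the earlier .then/.catch chain swallowed database errors,
        // so the handler answered "record deleted" even when the delete failed.
        await User.deleteOne({ "email": email });
        console.log("record deleted");

        res.status(200).json({ "message": "record deleted" });
    } catch (err) {
        console.log(err);
        res.status(500).json({ "message": "error" });
    }
});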



Password hashing in node js using bcrypt

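Password salting adds a random string (the salt) to a password before hashing it. This way, the same password produces a different hash each time it is hashed, so two users with the same password do not share a hash and precomputed hash tables are of no use. Even if a hacker obtains the hashed password, it will take them a considerable amount of time to discover the original password that generated it, because bcrypt is deliberately slow and the cost setting (saltRounds below) controls how slow.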

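const express = require('express');
const mongoose = require('mongoose');
const bcrypt = require('bcrypt');

const User = require('../models/user');

const app = express();

// bcrypt cost factor: each increment doubles the work per hash.
const saltRounds = 10;

// NOTE(review): the /login route in this listing calls Token.generate_jwt, but
// no Token module is required here — confirm where it is meant to come from.

// Read the connection string from the environment instead of embedding the
// database user and password in source. A connection string that has been
// committed or published should be treated as exposed and its password rotated.
const mongoUri = process.env.MONGODB_URI;

if (!mongoUri) {
    // Fail at start-up rather than run without a database connection.
    throw new Error('MONGODB_URI is not set');
}

mongoose.connect(mongoUri)
    .then(() => {
        console.log("Database connected successfully");
    })
    .catch((error) => {
        // Report why the connection failed; log the message rather than the
        // whole error object, which may carry connection details.
        console.error("Database connection failed:", error.message);
    });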


// Parse JSON request bodies into req.body for the routes below.
app.use(express.json());

// GET / — plain-text landing response for the account service.
app.get('/', (request, response) => {
    response.send('account page');
});


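// POST /register — create an account with a bcrypt-hashed password.
// Responds 400 when email or password is missing or not a string, 500 when
// hashing or the database write fails, and "account created!" on success.
app.post('/register', async function (req, res) {
    const body = req.body || {};

    // Only plain strings may reach bcrypt and the database layer; a parsed JSON
    // body can otherwise contain objects or arrays in these positions.
    if (typeof body.email !== 'string' || typeof body.password !== 'string' || body.password.length === 0) {
        return res.status(400).json({ "message": "email and password are required" });
    }

    try {
        // Hashing sits inside the try so a bcrypt failure produces a response
        // instead of an unhandled rejection.
        const salt = await bcrypt.genSalt(saltRounds);
        const hashedPassword = await bcrypt.hash(body.password, salt);

        // create() already persists the document, so no separate save() is needed.
        await User.create({
            name: body.name,
            email: body.email,
            password: hashedPassword,
            phone: body.phone,
        });

        res.json({ "message": "account created!" });
    } catch (err) {
        console.log(err);
        // Always answer: without this the client waits until the socket times out.
        res.status(500).json({ "message": "error" });
    }
});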


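// POST /login — check email and password, then issue access and refresh tokens.
// Responds 401 "invalid credentials" for a malformed body, an unknown email or
// a wrong password (the same answer in all three cases, so the response does
// not reveal which accounts exist), and 500 on an unexpected failure.
app.post('/login', async function (req, res) {
    const access_time = process.env.ACCESS_TOKEN_IN_MINUTES;
    const refresh_time = process.env.REFRESH_TOKEN_IN_MINUTES;
    const body = req.body || {};

    // A parsed JSON body can put an object in "email"; passed to findOne() it
    // would be read as a query operator instead of a value. Accept strings only.
    if (typeof body.email !== 'string' || typeof body.password !== 'string') {
        return res.status(401).json({ "message": "invalid credentials" });
    }

    try {
        const User_obj = await User.findOne({ email: body.email });

        // findOne() resolves to null for an unknown email; reading .password
        // from it used to throw inside the async handler with nothing to catch it.
        const result = User_obj !== null
            && await bcrypt.compare(body.password, User_obj.password);

        if (!result) {
            return res.status(401).json({ "message": "invalid credentials" });
        }

        // NOTE(review): both tokens are built from the same payload and differ
        // only in lifetime here; whether a refresh token can be told apart from
        // an access token depends on Token.generate_jwt, which is not shown.
        const obj = { "email": body.email };
        res.json({
            "message": "credentials match",
            "access_token": Token.generate_jwt(access_time, obj),
            "refresh_token": Token.generate_jwt(refresh_time, obj)
        });
    } catch (err) {
        console.log(err);
        res.status(500).json({ "message": "error" });
    }
});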



File uploads in nodejs-expressjs

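const express = require('express');
const app = express();
const multer = require('multer');
const crypto = require('crypto');

// Upper bound for one upload (example value, tune per application). Without a
// limit a single request can fill the disk.
const MAX_UPLOAD_BYTES = 5 * 1024 * 1024;

// Set up storage for uploaded files
const storage = multer.diskStorage({
    // All uploads land in ./uploads, relative to the process working directory.
    destination: (req, file, cb) => {
        cb(null, 'uploads/');
    },
    // Stored name = random prefix + sanitised client file name.
    filename: (req, file, cb) => {
        // The prefix must come from a random source. A hash object that is
        // never fed any data yields the same digest every time, so every file
        // would get the same prefix and same-named uploads would overwrite
        // each other.
        const prefix = crypto.randomBytes(16).toString('hex');

        // originalname is chosen by the client: keep only a conservative
        // character set (no path separators) and bound the length.
        const safeName = file.originalname
            .replace(/[^A-Za-z0-9._-]/g, '_')
            .slice(-100);

        cb(null, prefix + '-' + safeName);
    }
});

// Create the multer instance
// NOTE(review): the extension is still client-chosen. If uploads/ is served
// back to browsers, add a fileFilter that allows only the expected types.
const upload = multer({
    storage: storage,
    limits: { fileSize: MAX_UPLOAD_BYTES, files: 1 }
});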


// Parse JSON request bodies into req.body (multipart uploads are handled by multer).
app.use(express.json());

// GET / — plain-text landing response for the upload service.
app.get('/', (request, response) => {
    response.send('file page');
});


// POST /upload-file — accept one multipart file in the "profile" field.
// multer stores the file before this handler runs and describes it in req.file.
// Responds 400 when no file was sent, otherwise 200 with the stored name and a path.
app.post('/upload-file', upload.single('profile'), (request, response) => {
    const uploaded = request.file;

    if (!uploaded) {
        return response.status(400).json({ message: 'No file uploaded' });
    }

    // The Host header is supplied by the client, so this value is only safe to
    // echo back to that same client; it should not be stored or used to build
    // links shown to other users.
    const fullPath = `${request.headers.host}/uploads/${uploaded.filename}`;

    return response.status(200).json({
        message: 'File uploaded successfully',
        filename: uploaded.filename,
        path: fullPath,
    });
});

module.exports = app;


