Middleware

The REST API Template groups all middleware under src/middleware/ for clear organization and reusability.
Each file handles a specific responsibility and can be applied globally or per-route.

Common Middleware

Example: Global Middleware

In src/app.js, global middleware is applied before route registration:

import express from "express"
import morgan from "morgan"
import helmet from "helmet"
import cors from "cors"
 
const app = express()
 
app.use(express.json())
app.use(cors())
app.use(helmet())
app.use(morgan("dev"))

Add your own middleware here (logging, compression, etc.) as needed.

Example: Route-Level Middleware

Apply middleware directly on a route to protect or validate it:

import express from "express"
import { auth } from "../middleware/auth.middleware.js"
import { validateRequest } from "../middleware/validateRequest.middleware.js"
import { createUserSchema } from "../schemas/user.schema.js"
 
const router = express.Router()
 
router.post("/register", validateRequest(createUserSchema), auth, (req, res) => {
  res.json({ message: "User registered successfully" })
})
 
export default router

Notes

• Always load error.middleware.js after routes.
• Keep middleware modular — each should do one thing well.
• You can create custom middleware (e.g., requestLogger.js) and include it globally in app.js.

Consistent middleware structure keeps your codebase predictable, maintainable, and easy to extend.