DEV Community

Cover image for Bulletproof Express - Enterprise-Level Express.js
João Victor Cardoso Kdouk
João Victor Cardoso Kdouk

Posted on

Bulletproof Express - Enterprise-Level Express.js

Click Here to Access It

I believe I am not the only who has read tens of express guides and never really found the perfect way of implementing it.

In fact, I am confident to say that every Node.js developer has read at least 5 to 6 different guides on writing Express applications. How to make it work is not really a problem nowadays. However, have you ever asked yourself what is the right way to do it?

With that in mind, I decided to create a boilerplate that would summarize all the best practices used nowadays in the software industry, ensuring reliability, maintainability and scalability. This is what Bulletproof Express tries to accomplish. These are the features currently provided:

  • [x] Security (HTTP Parameter Pollution, Fingerprint, XSS...)
  • [x] Support to Prisma DB (Easily Swappable)
  • [x] Error Management
  • [x] Logging (Using Sentry)
  • [x] Component Structure (Features)
  • [x] Queries and Mutators
  • [x] Testing (Using Jest)
  • [x] Permissions
  • [x] TypeScript
  • [x] Multi-Auth Support (JWT Implemented)
  • [x] Cookie Parsing Supported
  • [x] Environment Variable Parsing
  • [x] Node.js Best Practices Compliant
  • [x] Fully Asynchronous Controllers
  • [ ] Seeding
  • [ ] Testing via Docker
  • [ ] Auto-Documentation (Swagger?)

MVC into Components

This boilerplate implements a slightly modified version of Model-View-Controller Pattern. Instead of having a single file storing every endpoint of a controller, every controller is broken down into Queries and Mutators. Inside Queries, you will find operations that retrieve data (usually GET methods). Inside Mutators, you will find operations that change data (usually POST, DELETE, and PUT methods).
Queries and Mutators are joined together inside the controller-specific routes.ts, which in turn are joined by the upper-level router at /routes/index.ts.

Node.js Best Practices

This repository is compliant with Node.js Best Practices (Click Here to access their repository). Security standards are put above any decision. Testing is easy to implement and broken into individual feature, integrating it with the rest of the code as it should be. If you feel like there is any violation of those best practices, feel free to open an issue.

Special Thanks

Special thanks to the Spectrum Project (Here) for laying the foundations to Bulletproof Express. Also, many thanks to Node.js Best Practices (Here) and Bulletproof React (Here) for providing guidance on how Enterprise-Level Software should be written.

Top comments (1)

rangercoder99 profile image

Already something better exists with Next.js