res.type()

res.type(type)

Sets the Content-Type HTTP header to the MIME type as determined by mime.lookup() for the specified type. If type contains the “/” character, then it sets the Content-Type to type.

    res.type('.html');              // => 'text/html'
    res.type('html');               // => 'text/html'
    res.type('json');               // => 'application/json'
    res.type('application/json');   // => 'application/json'
    res.type('png');                // => 'image/png'

req.accepts()

req.accepts(types) Checks if the specified content types are acceptable, based on the request’s Accept HTTP header field. The method returns the best match, or if none of the specified content types is acceptable, returns false (in which case, the application should respond with 406 "Not Acceptable"). The type value may be a single MIME type string (such as “application/json”), an extension name such as “json”, a comma-delimited list, or an array. For a list or array, the method returns the bes

req.body

req.body

Contains key-value pairs of data submitted in the request body. By default, it is undefined, and is populated when you use body-parsing middleware such as body-parser and multer.

The following example shows how to use body-parsing middleware to populate req.body.

    var app = require('express')();
    var bodyParser = require('body-parser');
    var multer = require('multer'); // v1.0.5
    var upload = multer(); // for parsing multipart/form-data

    app.use(bodyParser.json()); // for parsing applicati

req.signedCookies

req.signedCookies When using cookie-parser middleware, this property contains signed cookies sent by the request, unsigned and ready for use. Signed cookies reside in a different object to show developer intent; otherwise, a malicious attack could be placed on req.cookie values (which are easy to spoof). Note that signing a cookie does not make it “hidden” or encrypted; but simply prevents tampering (because the secret used to sign is private). If no signed cookies are sent, the property defaul

Production Best Practices: Security

Overview The term “production” refers to the stage in the software lifecycle when an application or API is generally available to its end-users or consumers. In contrast, in the “development” stage, you’re still actively writing and testing code, and the application is not open to external access. The corresponding system environments are known as production and development environments, respectively. Development and production environments are usually set up differently and have vastly differe

req.query

req.query

This property is an object containing a property for each query string parameter in the route. If there is no query string, it is the empty object, {}.

    // GET /search?q=tobi+ferret
    req.query.q
    // => "tobi ferret"

    // GET /shoes?order=desc&shoe[color]=blue&shoe[type]=converse
    req.query.order
    // => "desc"

    req.query.shoe.color
    // => "blue"

    req.query.shoe.type
    // => "converse"

app.all()

app.all(path, callback [, callback ...]) This method is like the standard app.METHOD() methods, except it matches all HTTP verbs. It’s useful for mapping “global” logic for specific path prefixes or arbitrary matches. For example, if you put the following at the top of all other route definitions, it requires that all routes from that point on require authentication, and automatically load a user. Keep in mind that these callbacks do not have to act as end-points: loadUser can perform a task, t

Express application generator

Use the application generator tool, express-generator, to quickly create an application skeleton.

Install express-generator with the following command:

    $ npm install express-generator -g

Display the command options with the -h option:

    $ express -h

      Usage: express [options] [dir]

      Options:

        -h, --help          output usage information
        -V, --version       output the version number
        -e, --ejs           add ejs engine support (defaults to jade)
            --hbs           add handlebars

req.fresh

req.fresh Indicates whether the request is “fresh.” It is the opposite of req.stale. It is true if the cache-control request header doesn’t have a no-cache directive and any of the following are true: The if-modified-since request header is specified and last-modified request header is equal to or earlier than the modified response header. The if-none-match request header is *. The if-none-match request header, after being parsed into its directives, does not match the etag response header. r

app.mountpath

app.mountpath

The app.mountpath property contains one or more path patterns on which a sub-app was mounted. A sub-app is an instance of express that may be used for handling the request to a route.

    var express = require('express');

    var app = express(); // the main app
    var admin = express(); // the sub app

    admin.get('/', function (req, res) {
      console.log(admin.mountpath); // /admin
      res.send('Admin Homepage');
    });

    app.use('/admin', admin); // mount the sub app

It is similar to the baseU