How to handle middleware in Express

Thursday, November 20, 2025

#nodejs #express #middleware #authentication #logging

Middleware functions are the backbone of Express applications, providing a way to process requests before they reach route handlers. With over 25 years of experience in backend development and as the creator of CoreUI, I’ve built countless APIs that rely on middleware for authentication, logging, and data processing. The most effective approach is using app.use() to register middleware functions that execute in order for each request. This pattern provides modularity, reusability, and clean separation of concerns in your Express application.

Use app.use() to register middleware functions that process requests before they reach your route handlers.

const express = require('express')
const app = express()

// Global logging middleware
app.use((req, res, next) => {
  console.log(`${req.method} ${req.path} - ${new Date().toISOString()}`)
  next()
})

// JSON parsing middleware
app.use(express.json())

// Authentication middleware for protected routes
const authMiddleware = (req, res, next) => {
  const token = req.headers.authorization
  if (!token) {
    return res.status(401).json({ error: 'No token provided' })
  }
  // Verify token logic here
  next()
}

// Apply auth middleware to specific routes
app.use('/api/protected', authMiddleware)

app.get('/api/protected/users', (req, res) => {
  res.json({ users: ['John', 'Jane'] })
})

This example demonstrates three types of middleware: global logging middleware that runs for all requests, built-in JSON parsing middleware, and custom authentication middleware applied to specific route paths. Each middleware function receives req, res, and next parameters, where next() passes control to the next middleware in the chain.

Best Practice Note:

This middleware pattern is used extensively in CoreUI’s backend templates for consistent request processing and security. Always call next() unless you’re ending the response, and place middleware in the correct order since they execute sequentially.

Speed up your responsive apps and websites with fully-featured, ready-to-use open-source admin panel templates—free to use and built for efficiency.

About the Author

Łukasz Holeczek, Founder of CoreUI, is a seasoned Fullstack Developer and entrepreneur with over 25 years of experience. As the lead developer for all JavaScript, React.js, and Vue.js products at CoreUI, they specialize in creating open-source solutions that empower developers to build better and more accessible user interfaces.

With expertise in TypeScript, JavaScript, Node.js, and modern frameworks like React.js, Vue.js, and Next.js, Łukasz combines technical mastery with a passion for UI/UX design and accessibility. CoreUI’s mission is to provide developers with tools that enhance productivity while adhering to accessibility standards.

Łukasz shares its extensive knowledge through a blog with technical software development articles. It also advises enterprise companies on building solutions from A to Z. Through CoreUI, it offers professional services, technical support, and open-core products that help developers and businesses achieve their goals.

Learn more about CoreUI’s solutions and see how your business can benefit from working with us.