How to use body-parser in Express
Łukasz Holeczek
Follow Łukasz Holeczek on GitHub
Connect with Łukasz Holeczek on LinkedIn
Follow Łukasz Holeczek on X (Twitter)
Parsing request bodies is essential for handling POST, PUT, and PATCH requests in Express applications that receive form data or JSON. As the creator of CoreUI with over 25 years of backend development experience, I’ve handled countless API implementations that require proper body parsing. The most modern approach is using Express’s built-in body parsing middleware instead of the separate body-parser package. This provides reliable parsing for JSON, URL-encoded data, and raw content with built-in security features.
Use Express’s built-in body parsing middleware with express.json() and express.urlencoded() to handle request bodies.
const express = require('express')
const app = express()
// Parse JSON bodies (application/json)
app.use(express.json({ limit: '10mb' }))
// Parse URL-encoded bodies (application/x-www-form-urlencoded)
app.use(express.urlencoded({ extended: true, limit: '10mb' }))
// Example POST route that uses parsed body
app.post('/api/users', (req, res) => {
const { name, email } = req.body
if (!name || !email) {
return res.status(400).json({ error: 'Name and email required' })
}
// Process user creation
res.json({ message: 'User created', user: { name, email } })
})
app.listen(3000, () => {
console.log('Server running on port 3000')
})
This setup uses Express’s built-in parsing middleware which is now preferred over the separate body-parser package. The express.json() middleware parses JSON request bodies, while express.urlencoded() handles form data. The extended: true option allows for rich objects and arrays to be encoded in URL-encoded format, and the limit option prevents oversized payloads.
Best Practice Note:
This is the standard approach used in CoreUI’s Node.js templates for secure, efficient request body parsing. Always set appropriate size limits to prevent DoS attacks and validate parsed data before processing.
