Mastering Error Handling in Express.js: Advanced Techniques for Building Resilient Applications
Why Error Handling Matters in Express.js
Error handling is one of the most crucial aspects of building a stable, secure, and scalable Express.js application. Without proper error handling, a simple bug can crash your server, expose sensitive information, or create security vulnerabilities.
Many developers focus on writing features but ignore robust error management, leading to hard-to-debug applications. In this guide, we’ll go beyond basic try-catch statements and explore advanced techniques to handle errors in Express.js like a pro.
Understanding Error Handling in Express.js
Express provides a built-in error-handling mechanism using middleware. When an error occurs, you pass it to the next function using next(err), and Express routes it to the error-handling middleware.
A basic error-handling middleware looks like this:
app.use((err, req, res, next) => {
console.error(err.stack);
res.status(500).json({ message: "Something went wrong" });
});While this works for small applications, it’s not scalable. Let’s dive into advanced techniques to improve this.
Creating Custom Error Classes
Instead of using generic Error objects, we can create custom error classes to categorize different errors properly.
Example: Custom Error Class
class AppError extends Error {
constructor(message, statusCode) {
super(message);
this.statusCode = statusCode;
this.isOperational = true; // Mark as an operational error
Error.captureStackTrace(this, this.constructor);
}
}
// Specific errors
class NotFoundError extends AppError {
constructor(message = "Resource not found") {
super(message, 404);
}
}
class ValidationError extends AppError {
constructor(message = "Invalid input") {
super(message, 400);
}
}
// Usage in route
app.get('/error', (req, res, next) => {
throw new NotFoundError("This page does not exist");
});By using custom error classes, we can distinguish between operational errors (e.g., user input mistakes) and programming errors (e.g., null pointer issues).
Centralized Error Middleware
Instead of handling errors individually in each route, we can create a centralized error-handling middleware.
Example: Centralized Error Middleware (errorHandler.js)
const errorHandler = (err, req, res, next) => {
const statusCode = err.statusCode || 500;
const message = err.message || "Internal Server Error";
res.status(statusCode).json({
success: false,
message,
});
};
module.exports = errorHandler;Use in Main App (server.js or app.js)
const errorHandler = require('./middlewares/errorHandler');
app.use(errorHandler);This ensures that all errors in the app are handled uniformly.
Handling Async Errors Properly
Express doesn’t catch async errors automatically, so you might face unhandled promise rejections.
Traditional Approach (Messy)
app.get('/async-route', async (req, res, next) => {
try {
const data = await someAsyncFunction();
res.json(data);
} catch (error) {
next(error);
}
});A better way is to automate error handling using express-async-handler.
Improved Approach (Using express-async-handler)
npm install express-async-handlerconst asyncHandler = require('express-async-handler');
app.get(
'/async-safe',
asyncHandler(async (req, res) => {
const data = await someAsyncFunction();
res.json(data);
})
);This eliminates the need for manual try-catch blocks, making code cleaner and more readable.
Preventing Uncaught Exceptions and Rejections
Some errors, like uncaught exceptions and unhandled promise rejections, can crash your server. To prevent this, use process-level error handling.
Handle Uncaught Exceptions
process.on("uncaughtException", (err) => {
console.error("Uncaught Exception:", err);
process.exit(1); // Exit process after logging
});Handle Unhandled Promise Rejections
process.on("unhandledRejection", (reason, promise) => {
console.error("Unhandled Rejection at:", promise, "reason:", reason);
});This ensures that your app doesn’t crash unexpectedly due to an unhandled error.
Logging Errors with Winston
Logging is essential for debugging errors in production. Instead of using console.log(), use Winston, a powerful logging library.
Install Winston
npm install winstonLogging Middleware with Winston
const winston = require('winston');
const logger = winston.createLogger({
level: 'error',
format: winston.format.combine(
winston.format.timestamp(),
winston.format.json()
),
transports: [
new winston.transports.Console(),
new winston.transports.File({ filename: 'errors.log' }),
],
});
app.use((err, req, res, next) => {
logger.error({
message: err.message,
statusCode: err.statusCode || 500,
stack: err.stack,
route: req.originalUrl,
});
res.status(err.statusCode || 500).json({
message: err.message || "Internal Server Error",
});
});Now, all errors are logged in errors.log for debugging.
Rate Limiting to Prevent Attacks
To prevent DoS (Denial of Service) attacks, limit the number of requests a user can make.
Install Express Rate Limit
npm install express-rate-limitApply Rate Limiting
const rateLimit = require("express-rate-limit");
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // Limit each IP to 100 requests per windowMs
message: "Too many requests, please try again later.",
});
app.use(limiter);Now, users can’t spam requests to your API.
Using Sentry for Real-Time Error Monitoring
To get real-time alerts on errors, integrate Sentry.
Install Sentry
npm install @sentry/nodeAdd Sentry Middleware
const Sentry = require("@sentry/node");
Sentry.init({ dsn: "YOUR_SENTRY_DSN" });
app.use(Sentry.Handlers.requestHandler());
app.use(Sentry.Handlers.errorHandler());With this, you get detailed error reports in Sentry’s dashboard.
Final Thoughts
Handling errors in Express.js goes beyond console.log(). Here’s a quick recap of the advanced techniques we covered:
- Custom Error Classes for structured error handling
- Centralized Error Middleware to manage errors efficiently
- Async Error Handling using
express-async-handler - Process-Level Error Handling to prevent crashes
- Logging with Winston for production debugging
- Rate Limiting to protect APIs from abuse
- Real-Time Monitoring using Sentry
By implementing these techniques, your Express.js application will be more resilient, secure, and maintainable.
