Production-ready Express.js + TypeScript boilerplate with MVC architecture, JWT auth, MongoDB, security, validation, and testingβbuild scalable REST APIs fast
npm install express-ts-api-starter
> Opinionated Express + TypeScript starter with JWT authentication, MongoDB integration, comprehensive security middleware, input validation, error handling, and production-ready architectureβget your REST API running in minutes, not hours.
---
Create a new project in seconds:
``bash`
npx express-ts-api-starter my-api
cd my-api
npm install
npm run dev
Your API is ready with authentication, validation, and error handling out of the box!
---
Create a new project with a single command:
`bash`
npx express-ts-api-starter my-api
This will:
- β
Create a new project directory
- β
Copy all template files and folder structure
- β
Set up configuration files
- β
Create .env file from .env.example
Then:
`bash`
cd my-api
npm install
npm run dev
`bashClone the repository
git clone https://github.com/nikhilpktcr/express-ts-api-starter.git my-api
cd my-api
That's it! Your server is running at
with:
- β
JWT authentication ready
- β
MongoDB connection configured
- β
Security middleware active
- β
Request logging enabled
- β
Error handling in place---
β‘ Why Choose This Over Others?
$3
| Feature | Bare Express | express-ts-api-starter |
|---------|-------------|------------------------|
| Setup Time | 2-4 hours | 2 minutes β‘ |
| TypeScript | Manual config | β
Pre-configured |
| Authentication | Build from scratch | β
JWT + bcryptjs ready |
| Error Handling | Manual try-catch | β
Global middleware |
| Request Logging | Manual setup | β
Morgan with request IDs |
| Input Validation | Manual validation | β
express-validator integrated |
| Security | Manual headers | β
Helmet + CORS configured |
| Database | Manual connection | β
MongoDB/Mongoose ready |
| Testing | Manual Jest setup | β
Jest configured with examples |
| Code Quality | No linting | β
ESLint + Prettier ready |
| Graceful Shutdown | Not included | β
Production-ready |
$3
| Feature | Other Starters | express-ts-api-starter |
|---------|---------------|------------------------|
| Architecture | Varies | β
MVC with functional services (clean, testable) |
| Request Tracking | Rare | β
Unique request IDs (debugging made easy) |
| Error Handling | Basic | β
Comprehensive with graceful shutdown |
| Validation | Optional | β
Built-in express-validator |
| Logging | Basic | β
Morgan with request ID correlation |
| TypeScript | Sometimes | β
100% TypeScript with strict mode |
| Documentation | Minimal | β
Well-documented with examples |
| Testing | Sometimes | β
Jest with test examples included |
| CLI Tool | Sometimes | β
Built-in CLI generator |
$3
| Feature | NestJS | express-ts-api-starter |
|---------|--------|------------------------|
| Setup Time | 10-15 minutes | β‘ 2 minutes |
| Learning Curve | High (new framework) | β
Low (Express knowledge) |
| Bundle Size | ~200KB+ | β
~50KB (lightweight) |
| Flexibility | Framework-driven | β
High (minimal abstraction) |
| Request Tracking | Manual setup | β
Built-in request IDs |
| Security (Out of Box) | Manual config | β
Pre-configured |
π See detailed NestJS comparison β
---
π― Key Strengths
$3
- JWT-based authentication with secure token generation
- bcryptjs password hashing (industry standard)
- Helmet.js for HTTP security headers
- CORS configured for cross-origin requests
- Rate limiting ready to prevent DDoS attacks
- Request ID tracking for security auditing$3
- express-validator middleware pre-configured
- Type-safe validation with TypeScript
- Reusable validation rules in dedicated validators folder
- Automatic error responses for invalid inputs$3
- Global error middleware catches all errors
- Standardized error responses across all endpoints
- Request ID included in error responses for debugging
- Graceful shutdown handles SIGTERM/SIGINT properly
- Uncaught exception handling prevents crashes$3
- Morgan logging with custom format
- Request ID correlation for tracking requests across services
- Structured logging ready for production monitoring
- Error logging with stack traces$3
- MVC pattern with clear separation of concerns
- Functional service layer (easier to test than classes)
- Modular structure - each feature is self-contained
- Scalable design - grow from startup to enterprise---
π¦ What's Included
$3
- β
Express.js v5 - Latest framework version
- β
TypeScript 5.8 - Full type safety with strict mode
- β
MongoDB + Mongoose - Database integration ready
- β
JWT Authentication - Secure token-based auth
- β
bcryptjs - Password hashing
- β
express-validator - Input validation
- β
Helmet - Security headers
- β
CORS - Cross-origin resource sharing
- β
Morgan - HTTP request logging
- β
Multer - File upload support
- β
express-rate-limit - Rate limiting
- β
Jest - Testing framework with examples
- β
ESLint + Prettier - Code quality tools
$3
- β
CLI Tool - Generate projects with one command
- β
Hot reload - See changes instantly
- β
TypeScript declarations - Full IntelliSense support
- β
Pre-configured scripts - dev, build, test, lint
- β
Example code - User module with CRUD operations
- β
Test examples - Learn testing patterns
- β
Well-documented - Clear code structure
---
π Project Structure
`
src/
βββ modules/ # Feature modules (MVC pattern)
β βββ users/
β βββ userController.ts # HTTP request handlers
β βββ userService.ts # Business logic
β βββ userMessage.ts # Constants/messages
β βββ tests/ # Unit tests
βββ routes/ # API route definitions
βββ middleware/ # Express middleware
β βββ auth.ts # JWT authentication
β βββ errorMiddleware.ts
β βββ validatorMiddleware.ts
β βββ requestIdMiddleware.ts
βββ config/ # Configuration files
β βββ dbConfig.ts # MongoDB connection
β βββ envConfig.ts # Environment variables
β βββ rateLimitConfig.ts
βββ models/ # Mongoose schemas
βββ validators/ # Input validation rules
βββ utils/ # Utility functions
βββ types/ # TypeScript type definitions
βββ app.ts # Express app setup
---
π§ Available Commands
bash
Development
npm run dev # Start dev server with hot reloadProduction
npm run build # Compile TypeScript to JavaScript
npm start # Start production serverTesting
npm test # Run test suite
npm test -- --watch # Run tests in watch mode
npm test -- --coverage # Run with coverage reportCode Quality
npm run lint # Check for linting errors
npm run lint:fix # Auto-fix linting errors
`---
π Configuration
$3
Create a
file:`env
Server
NODE_ENV=development
PORT=5000
BASIC_API_URL=/api/v1Database
DB_CONNECTION=mongodb://localhost:27017/
DB_NAME=testDBAuthentication
JWT_SECRET=your-super-secret-jwt-key-change-in-production
`See
for all available options.---
π§ͺ Testing
`bash
Run all tests
npm testWatch mode
npm test -- --watchCoverage report
npm test -- --coverage
`Example test included in
---
π Standardized API Responses
All responses follow a consistent format:
Success:
json
{
"success": true,
"requestId": "550e8400-e29b-41d4-a716-446655440000",
"message": "Operation successful",
"response": { "data": "..." }
}
`Error:
json
{
"success": false,
"requestId": "550e8400-e29b-41d4-a716-446655440000",
"error": "Error message"
}
`---
π Security Features
- Helmet - Sets secure HTTP headers
- CORS - Configurable cross-origin requests
- JWT - Secure token-based authentication
- bcryptjs - Password hashing (10 rounds)
- Rate Limiting - DDoS protection ready
- Input Validation - Prevents injection attacks
- Request ID Tracking - Security audit trail
---
π¦ Production Ready
- β
Graceful shutdown - Handles SIGTERM/SIGINT
- β
Error handling - Global error middleware
- β
Logging - Request tracking with unique IDs
- β
Type safety - Full TypeScript coverage
- β
Testing - Jest framework configured
- β
Code quality - ESLint + Prettier
---
π― Perfect For
- π REST APIs - Full-featured API servers
- π§ Microservices - Scalable service architecture
- π’ Enterprise Apps - Production-ready foundation
- π Learning - Best practices and patterns
- β‘ MVPs - Quick prototype development
- π± Backend Services - Complex business logic
---
π§ Tech Stack
- Runtime: Node.js v20+
- Framework: Express.js v5
- Language: TypeScript 5.8
- Database: MongoDB with Mongoose
- Security: Helmet, CORS, JWT, bcryptjs
- Validation: express-validator
- Logging: Morgan
- Testing: Jest
- Linting: ESLint + Prettier
---
π€ Contributing
Contributions welcome! Please:
1. Fork the repository
2. Create a feature branch (
)
3. Commit changes (git commit -m 'Add amazing feature')
4. Push to branch (git push origin feature/amazing-feature)
5. Open a Pull Request---
π License
MIT License - see LICENSE file for details.
Free for personal and commercial use! β¨
---
π¬ Support
- Email: nikhil.pk.connect@gmail.com
- GitHub Issues: Report bugs
- GitHub: @nikhilpktcr
---
π Show Your Support
If this boilerplate helps your project:
- β Star the repository on GitHub
- π¦ Use the npm package in your projects
- π Report issues you encounter
- π‘ Suggest features and improvements
- π Share with other developers
---
π― Roadmap
- [ ] API Documentation (Swagger/OpenAPI)
- [ ] Health check endpoint
- [ ] Pagination utility
- [ ] Redis caching layer
- [ ] Docker & Docker Compose
- [ ] CI/CD pipeline examples
- [ ] More comprehensive test suite
---
Ready to build? Start your next API project in minutes:
`bash
npx express-ts-api-starter my-api
``Happy coding! π