Express app.param() Method
What you’ll learn
- How to register parameter middleware using
app.param(name, callback). - How to validate route parameters once and reuse across handlers.
- How to preload data objects using route parameters.
- How to avoid common param middleware pitfalls.
Overview
app.param() is designed for parameter-specific preprocessing, so repeated validation and loading logic stays DRY.
Centralized validation
Validate IDs and reject bad parameters in one place.
Preload resources
Load user/product records once and reuse in later handlers.
Parameter-specific
Applies to named params like :userId, not all routes globally.
Syntax
javascript
app.param(name, function (req, res, next, value) {
// preprocess value
next();
});- name: parameter key from route path (for example
userId). - value: current parameter value from URL segment.
- Call
next()to continue or pass an error to abort flow.
1
Basic parameter validation
javascript
app.param('userId', function (req, res, next, userId) {
if (!/^\d+$/.test(userId)) {
return res.status(400).json({ error: 'Invalid userId' });
}
next();
});
app.get('/users/:userId', function (req, res) {
res.json({ id: req.params.userId });
});2
Preload a record for downstream handlers
javascript
app.param('postId', function (req, res, next, postId) {
var post = posts.find(function (p) { return String(p.id) === postId; });
if (!post) return res.status(404).json({ error: 'Post not found' });
req.post = post;
next();
});
app.get('/posts/:postId', function (req, res) {
res.json(req.post);
});📋 app.param() vs app.use()
| Method | Trigger | Typical use |
|---|---|---|
app.param() | Matching named route parameter | Param validation/preload |
app.use() | Matching path prefix | General middleware chain |
🧪 Testing checklist
- Verify valid parameter values reach route handlers.
- Verify invalid values return proper error response and stop execution.
- Confirm preloaded objects are available in downstream handlers.
- Ensure different param names are handled by their own middleware.
Pitfalls to avoid
Missing next()
Request hangs
Always finish with next() or send a response.
Too much logic
Hard-to-maintain handlers
Keep app.param() focused on parameter preprocessing.
Wrong assumptions
Unexpected behavior
Remember app.param('id') only applies when the route contains :id.
❓ FAQ
It attaches callback logic that runs when a route contains a specific parameter name like :userId.
It executes for matched routes that include the named parameter, before the main route handler.
Yes. It is commonly used to validate param format and load associated records.
app.param() is parameter-name specific, while app.use() matches by path and method flow.
Keep it focused on parameter-level concerns like parsing, validation, and preloading.
Summary
- Core use:
app.param()centralizes parameter validation and preprocessing. - Benefit: cleaner route handlers with reusable parameter logic.
- Practice: validate early, preload safely, and handle errors consistently.
Did you know?
app.param() runs whenever a matching route parameter name appears, making it ideal for shared param validation and loading.
4 people found this page helpful
