The order you add middleware is crucial:
// 1. Built-in middleware
app.use(cors());
app.use(express.json());
// 2. Custom middleware
app.use(loggingMiddleware);
// 3. Routes
app.get("/", handler);
app.get("/users", handler);
// 4. 404 handler (after all routes)
app.use(handle404);
// 5. Error handler (must be last)
app.use(errorHandler);
Why this order?
- Routes and middleware run in the order they’re defined
- 404 handler only runs if no previous route matched
- Error handler catches errors from any previous middleware/route