10 Amazing NPM Packages for your Node.js Backend

10 Amazing NPM Packages for your Node.js Backend

Node.js is one of the most popular choices out there when considering the backend technology for your website or application. Part of its popularity can be attributed to the heap of NPM packages which greatly enhances the developer experience. In this article, we’ll be going through 10 such NPM packages that increase your productivity, secures your backend, or enables new features. Let’s get started.


Sending email messages has become one of the core functionality that your backend should suffice, due to multiple use cases like sending a password reset link, notifications, and more. Nodemailer is the go-to solution for achieving this functionality. Thanks to its crystal clear documentation, it allows our backend to send plain text or HTML emails to one or multiple recipients in a secure manner. As a cherry on top, it has support for Unicode characters, email attachments, embedded images, and a plethora of other features. It is undoubtedly the best package for sending emails via Node.js and I would highly encourage you to check it out.


Joi advertises itself to be the most powerful schema description language and data validator for JavaScript, and truly so. It enables you to validate the user inputs on the server-side, which is highly recommended even if you have some sort of validation on the client-side. All you need to do is to build a schema object of valid data that you’re expecting to receive and Joi does all the heavy lifting for you. With over 3 million weekly downloads, it’s one of the best solutions to implement server-side validation in your Node.js backend.


Quite often, we may need to fetch the user’s location in terms of latitude and longitude in order to restrict the content to serve as per the geography of the user. An example could be Netflix storing the user’s location to recommend TV shows as per the demographics or a food ordering platform recommending nearby restaurants. Node-geocoder, as the name suggests, allows you to geocode or reverse geocode the entered address and retrieve the location of the user in terms of city, state, and more. With support for 20 geocoder providers including major ones like Google and HERE maps, it is exceptionally useful for particular use cases.


In case you’re familiar with MongoDB, you might have noticed that the ID that’s automatically generated is not really readable. Yet, it is largely used for routing purposes in frontend as well as backend. Slugify is one such package that we can use to address this issue and make our URLs more readable so that they end up looking like this: yourdomain.com/easy-to-read and not like this: yourdomain.com/6033fdcbb7eea0113e37cbe1. Having a meaningful URL makes it easier for the user to share and remember it as compared to a bunch of alphanumerics. If you use MongoDB, give this one a try. It’s really simple to use as well.


Securing your backend against malicious requests should be one of the utmost priorities when building it. With Helmet, things become a bit simpler as this wonderful package provides you protection against some of the well-known web vulnerabilities like cross-site scripting attacks and cross-site injections by setting appropriate HTTP headers. Essentially, Helmet acts as middleware and is extremely easy to setup. In my opinion, it is one of the must-haves if you plan to deploy your backend to production, which is usually the case. In fact, Express recommends Helmet as a best practice in the production environment.

Express Async Handler

Most of the backend code we write tends to be asynchronous in nature as we reach out to our database to retrieve the data we need. This operation may be resolved successfully or may fail. To tackle these conditions, we use the try-catch block. However, writing a try-catch block for each asynchronous function becomes tedious especially we have a lot of endpoints. There is where express-async-handler shines. It is a middleware that is used to handle exceptions in asynchronous functions and pass them to the error handlers, thus saving us from writing the try-catch block each time and instead just wrap the function inside the middleware.


File uploads are yet another feature that is widely used in a lot of websites and applications. Multer is a middleware that is used for uploading or storing files to the disk or other cloud services like Cloudinary, AWS S3, and more. It processes the forms having its encoding type set to multipart/form-data and allows us to access the uploaded file in the body. You can use it to upload any type of file, be it a zipped archive or an image file. But you can also filter the files based on their size, extension, and mimetype if needed.


Date-fns is probably the best toolset for manipulating JavaScript dates. With over 180+ modular functions, you make sure that you import only the stuff you need. It uses the native date type in JavaScript and uses pure functions that return a new date instance instead of mutating the passed one. From formatting dates to locales, date-fns has got you covered for all operations on dates addition and subtraction. If you’re using Moment, I’d highly recommend giving date-fns a try.


This is definitely a must-have! Dotenv allows you to load environment variables from .env file, such that you can confidential information such as API keys, secret strings, password, database URI and more inside this file and prevent it from being tracked by Git. The problem with the regular approach is that once you upload your codebase to GitHub or other platforms, your API keys are exposed as well, which can cause serious concerns. By storing it in .env file and adding it to .gitignore, you can access those variables in your Node app using process.env.VARIABLE_NAME


Morgan is a simple logger middleware that is used to log out several properties related to the request received by the server such as the method, URL, status code, response time, and plenty of other stuff. It is quite useful during the development process and can be used to analyze the number of requests you make and their responses. Although not a necessity, it’s a nifty little middleware to have.

So that was my list of 10 NPM packages that you should have a look at. Do you agree with these? Do let me know if I’ve missed any of your favourites and your recommendations in the comments below. If you’re looking for some cool NPM packages to use with React, you can check this out. That’s it for this one.

Sharing is caring

Did you like what Mehul Mohan wrote? Thank them for their work by sharing it on social media.


No comments so far