2. Tutorials
  3. hapi — Route Handling and Drive Traffic to Your Server

hapi — Route Handling and Drive Traffic to Your Server

This tutorial is part of an extensive hapi series that guides you through the framework’s fundamentals. Within the previous guides, you’ve already learned how to get your server up and running and further how to install and create plugins leveraging hapi’s powerful plugin system.

This guide walks you through the essentials of routing and how to add routes for all kinds of HTTP methods (GET, POST, PUT, etc.).

Before diving into the details, have a look at the series outline and find posts that match your interests and needs.

hapi Series Overview

  1. Get Your Server Up and Running
  2. v17 Upgrade Guide (Your Move to async/await)
  3. Become a Better Developer in 2018
  4. Become a Better Developer in 2017
  1. What You’ll Build
  2. Prepare Your Project: Stack & Structure
  3. Environment Variables and Storing Secrets
  4. Set Up MongoDB and Connect With Mongoose
  5. Sending Emails in Node.js
  6. Load the User’s Profile Picture From Gravatar Using Virtuals in Mongoose
  7. Implement a User Profile Editing Screen
  8. Generate a Username in Mongoose Middleware
  9. Displaying Seasons and Episodes for TV Shows with Mongoose Relationship Population
  10. Implementing Pagination for Movies
  11. Implement a Watchlist
  12. Create a Full Text Search with MongoDB
  1. Create a REST API with JSON Endpoints
  2. Update Mongoose Models for JSON Responses
  3. API Pagination for TV Shows
  4. Customize API Endpoints with Query Parameters
  5. Always Throw and Handle API Validation Errors
  6. Advanced API Validation With Custom Errors
  7. Create an API Documentation with Swagger
  8. Customize Your Swagger API Documentation URL
  9. Describe Endpoint Details in Your Swagger API Documentation
  10. 10 Tips on API Testing With Postman
  11. JWT Authentication in Swagger API Documentation
  12. API Versioning with Request Headers
  1. IP-Based Rate Limits (Part 1 of 7)
  2. Rate Limits for Routes (Part 2 of 7)
  3. Dynamic Rate Limits (Part 3 of 7)
  4. Render a “Rate Limit Exceeded” View (Part 4 of 7)
  5. Show “Rate Limit Exceeded” Error on Login (Part 5 of 7)
  6. Disable Rate Limiting (Part 6 of 7)
  7. Rate Limiter Refactoring & Cleanup (Part 7 of 7)
  1. API Login With Username and Password to Generate a JWT
  2. JWT Authentication and Private API Endpoints
  3. Refresh Tokens With JWT Authentication
  4. Create a JWT Utility
  5. JWT Refresh Token for Multiple Devices
  6. Check Refresh Token in Authentication Strategy
  7. Rate Limit Your Refresh Token API Endpoint
  8. How to Revoke a JWT
  9. Invalidate JWTs With Blacklists
  10. JWT Logout (Part 1/2)
  11. JWT “Immediate” Logout (Part 2/2)
  12. A Better Place to Invalidate Tokens
  13. How to Switch the JWT Signing Algorithm
  14. Roll Your Own Refresh Token Authentication Scheme
  15. JWT Claims 101
  16. Use JWT With Asymmetric Signatures (RS256 & Co.)
  17. Encrypt the JWT Payload (The Simple Way)
  18. Increase JWT Security Beyond the Signature
  19. Unsigned JSON Web Tokens (Unsecured JWS)
  20. JWK and JWKS Overview
  21. Provide a JWKS API Endpoint
  22. Create a JWK from a Shared Secret
  23. JWT Verification via JWKS API Endpoint
  24. What is JOSE in JWT
  25. Encrypt a JWT (the JWE Way)
  26. Authenticate Encrypted JWTs (JWE)
  27. Encrypted and Signed JWT (Nested JWT)
  28. Bringing Back JWT Decoding and Authentication
  29. Bringing Back JWT Claims in the JWT Payload
  1. How to Run Separate Frontend and Backend Servers Within a Single Project
  2. How to Use Server Labels
  3. How to Correctly Stop Your Server and Close Existing Connections
  1. Basic Authentication With Username and Password
  2. Authentication and Remember Me Using Cookies
  3. How to Set a Default Authentication Strategy
  4. Define Multiple Authentication Strategies for a Route
  5. Restrict User Access With Scopes
  6. Show „Insufficient Scope“ View for Routes With Restricted Access
  7. Access Restriction With Dynamic and Advanced Scopes
  8. hapi - How to Fix „unknown authentication strategy“
  9. Authenticate with GitHub And Remember the Login
  10. Authenticate with GitLab And Remember the User
  11. How to Combine Bell With Another Authentication Strategy
  12. Custom OAuth Bell Strategy to Connect With any Server
  13. Redirect to Previous Page After Login
  14. How to Implement a Complete Sign Up Flow With Email and Password
  15. How to Implement a Complete Login Flow
  16. Implement a Password-Reset Flow
  1. Views in hapi 9 (and above)
  2. How to Render and Reply Views
  3. How to Reply and Render Pug Views (Using Pug 2.0)
  4. How to Create a Dynamic Handlebars Layout Template
  5. Create and Use Handlebars Partial Views
  6. Create and Use Custom Handlebars Helpers
  7. Specify a Different Handlebars Layout for a Specific View
  8. How to Create Jade-Like Layout Blocks in Handlebars
  9. Use Vue.js Mustache Tags in Handlebars Templates
  10. How to Use Multiple Handlebars Layouts
  1. Extend Your Server Functionality With Plugins
  2. Create Your Own Custom Plugin
  3. How to Register Plugins for a Selected Server Instance
  4. hapi Plugin for Client Geo Location (by Future Studio 🚀)
  5. Increase Development Speed With Errors in the Browser or as JSON Response
  1. How to Access and Handle Request Payload
  2. Access Request Headers
  3. How to Manage Cookies and HTTP States Across Requests
  4. Detect and Get the Client IP Address
  5. How to Upload Files
  6. Quick Access to Logged In User in Route Handlers
  7. How to Fix “handler method did not return a value, a promise, or throw an error”
  8. How to Fix “X must return an error, a takeover response, or a continue signal”
  1. How to Reply a JSON Response
  2. How to Set Response Status Code
  3. How to Handle 404 Responses for Missing Routes
  1. Query Parameter Validation With Joi
  2. Path Parameter Validation With Joi
  3. Request Payload Validation With Joi
  4. Validate Query and Path Parameters, Payload and Headers All at Once on Your Routes
  5. Validate Request Headers With Joi
  6. Reply Custom View for Failed Validations
  7. Handle Failed Validations and Show Errors Details at Inputs
  8. How to Fix AssertionError, Cannot validate HEAD or GET requests
  1. Add CSRF Protection on Forms and API Endpoints
  1. Report Errors to Sentry
  2. Don’t Report Errors to Sentry in Development Mode
  3. Logging Fundamentals
  4. Log to Console With Good
  5. Log to File With Good
  1. Getting Started With Testing Using Lab and Code
  2. Run Tests with Assertions using Code
  3. Test Route Handlers by Injecting Requests
  4. Inject Request Payload, Headers and Parameters While Testing Route Handlers
  1. Zero-Downtime Deployments Using PM2

Routing Basics

Adding routes to your hapi server requires three elements: HTTP method, path, and a route handler. You’re going to register new routes using hapi’s server instance and the procedure can be as straight as this:

hapi v17

server.route({  
  method: 'GET',
  path: '/',
  handler: (request, h) => {
    return 'Hello Future Studio'
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/',
  handler: function (request, reply) {
    reply('Hello Future Studio')
  }
})

This route will respond to a GET request at the root path / by sending the text Hello Future Studio. The following section will show you how to register routes for other HTTP methods than GET.

Route all the Methods: GET, POST, PUT, etc.

Within the example above you’ve seen the registration of a GET route. You can use any valid HTTP method name or even an array of HTTP method names as a value for the method property. To make things approachable, let’s have a look at the following example:

hapi v17

server.route({  
  method: [ 'GET', 'POST', 'PUT' ],
  path: '/',
  handler: (request, h) => {
    return 'Hello Future Studio'
  }
})

hapi v16

server.route({  
  method: [ 'GET', 'POST', 'PUT' ],
  path: '/',
  handler: function (request, reply) {
    reply('Hello Future Studio')
  }
})

The route above will respond with Hello Future Studio for all GET, POST and PUT requests at path /.

Actually, executing the same code for different request types isn’t always intended behavior. You might want to render a view for a GET and let users send data to your server for POST or PUT requests.

hapi v17

server.route({  
  method: 'GET',
  path: '/',
  handler: (request, h) => {
    return 'Hello Future Studio'
  }
})

server.route({  
  method: [ 'POST', 'PUT' ],
  path: '/',
  handler: (request, h) => {
    // process the request’s payload …

    return 'Created a new Future Studio instance'
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/',
  handler: function (request, reply) {
    reply('Hello Future Studio') 
  }
})

server.route({  
  method: [ 'POST', 'PUT' ],
  path: '/',
  handler: function (request, reply) {
    // process the request’s payload …

    reply('Created a new Future Studio instance')
  }
})

Of course, you can do complex processing and execute load-intensive tasks within your route handlers. Ultimately, you need to respond the request. The response can be either empty or another kind of data like a view or JSON string or just text, etc.

Register Multiple Routes at Once

Hapi’s server.route function allows you to pass either single route objects or an array of routes. The examples above registered each route separately.

In the following, we’ll simplify that code snippet to register both routes at once using an array.

hapi v17

server.route([  
  {
    method: 'GET',
    path: '/',
    handler: (request, h) => {
      return 'Hello Future Studio'
    }
  },
  {
    method: 'POST',
    path: '/',
    handler: (request, h) => {
      // process the request’s payload …

      return 'Created a new Future Studio instance'
    }
  }
])

hapi v16

server.route([  
  {
    method: 'GET',
    path: '/',
    handler: function (request, reply) {
      reply('Hello Future Studio') 
    }
  },
  {
    method: 'POST',
    path: '/',
    handler: function (request, reply) {
      // process the request’s payload …

      reply('Created a new Future Studio instance')
    }
  }
])

This little helper is kind of handy when defining a group of routes for a given context.

Path & Path Parameters

You’ve already noticed that the path property of server.route is a string value that specifies the individual route endpoint.

A route’s path is tightly coupled with parameters and there are multiple use cases that come to your mind when thinking about path parameters. To add a parameter, just wrap its name into curly brackets, like {parameter}.

hapi v17

server.route({  
  method: 'GET',
  path: '/page/{page}',
  handler: (request, h) => {
    return `Greetings from page ${encodeURIComponent(request.params.page)}`
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/page/{page}',
  handler: function (request, reply) {
    reply('Greetings from page ' + encodeURIComponent(request.params.page)) 
  }
})

This snippet will respond with Greetings from page <page> if you provide a value for {page} within your request. The encodeURIComponent(str) function will encode your page parameter to avoid users sending a text that might affect your server’s security.

There are situations where path parameters should be optional. Imagine that you receive an initial data set as an overview when requesting the content at path / and proceed to fetch detailed data at path /<content-identifier>. To declare a path parameter optional, add a question mark at the end of your parameter name within the path: {parametername?}

hapi v17

server.route({  
  method: 'GET',
  path: '/{identifier?}',
  handler: (request, h) => {
    return `You requested data for ${encodeURIComponent(request.params.identifier)}`
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/{identifier?}',
  handler: function (request, reply) {
    reply('You requested data for ' + encodeURIComponent(request.params.identifier)) 
  }
})

Requesting the GET / endpoint without a parameter will result in the following message: You requested data for undefined. If you’re passing a parameter with your request, you’ll see a response message like You requested data for <your parameter>.

Please be aware that you can only define the last named parameter as optional. Precisely, /tag/{tagname?}/{page} is an invalid path, because there’s another parameter after the optional tagname.

Further, each path segment can have only a single parameter. That means, you’re allowed to define a route like /{file}.zip but not /{file}.{ext}. Path segments are divided by a forward slash /.

Route Handlers

The third property for server.route is the handler function. This handler function accepts two parameters: request and reply. The request object contains details about the actual client’s request, e.g. payload and headers, authentication information, parameters for query and path, etc. You can find details about hapi’s request object within the documentation.

The second parameter is reply and used to respond a request appropriately. Responding a request with payload is as simple as just passing your desired value as a parameter.

The payload can be (reply(payload)):

  • string
  • buffer
  • stream
  • JSON serializable object

The result of reply is a response object that allows chaining to further refine the final response, like status code, add response headers, define the response charset or encoding, and many more. Please find a detailed overview of allowed options for the response in hapi’s documentation.

In later tutorials, we’ll go into detail about requests and responses. For now, it’s important and sufficient to know that hapi provides the capabilities to refine your responses as you wish.

Route Config & Options

Besides method, path, and handler, you can define an additional config property for each route. That’s the exact place to specify things like payload validation, route prerequisites, authentication, caching, etc. We’ll have a detailed look at these capabilities in later tutorials.

Furthermore, you can define documentation related options (description, notes, tags) that doesn’t affect the route’s functionality, but can be helpful and valuable when generating the app’s documentation or bringing new developers on board.

As of now, find more details about route options in hapi’s documentation. As already mentioned, we’ll get back to these functionalities in later tutorials.

Alright, so how does it look like?

hapi v17

server.route({  
  method: 'GET',
  path: '/',
  handler: (request, h) => {
    return 'Hello Future Studio'
  },
  config: {
    description: 'Sends a friendly greeting!',
    notes: 'No route parameters available',
    tags: ['greeting']
  }
})

hapi v16

server.route({  
  method: 'GET',
  path: '/',
  handler: function (request, reply) {
    reply('Hello Future Studio')
  },
  config: {
    description: 'Sends a friendly greeting!',
    notes: 'No route parameters available',
    tags: ['greeting']
  }
})

Hapi allows you to move the handler function into the config object. That might be beneficial if you want to keep your route configuration and handler close to being aware of authentication or caching mechanisms that might affect the actual functionality inside the handler.

Outlook

This guide provides you an outline of route handling in hapi. Now, you’re able to register custom routes to your server instance and add (optional) path parameters. Also, you know that route configurations are available and can be specified individually.

Next up is hapi’s plugin system. Learn how to install plugins to extend hapi’s built-in feature set.

We appreciate feedback and love to help you if there’s a question on your mind. Let us know in the comments or on twitter @futurestud_io.

Make it rock & enjoy coding!

Marcus Pöhls

Marcus is a fullstack JS developer. He’s passionate about the hapi framework for Node.js and loves to build web apps and APIs. Creator of Futureflix and the “learn hapi” learning path.

Explore the Library

Find interesting tutorials and solutions for your problems.

Android

Node.js

Server

Miscellaneous