Skill

NestJS Middleware Pattern

Apply NestJS class-based and functional middleware via consumer.forRoutes for pre-routing logic like logging, rate limiting, correlation IDs, and Express integration on specific routes or controllers.

NestJS

Express

Typescript

backend

api-development

npx claudepluginhub intense-visions/harness-engineering --plugin harness-claude

Tool Access

This skill uses the workspace's default tool permissions.

Preview

> Apply NestMiddleware and functional middleware with consumer.forRoutes binding

Supporting Assets

skill.yaml

SKILL.md

Similar Skills

nestjs-guards-interceptors

129

Implements NestJS guards and interceptors for authentication, authorization, logging, and request/response transformation. Covers CanActivate, ExecutionContext, and JWT patterns for cross-cutting concerns.

2 tools

nestjs

NestJS Interceptors Pattern

Implements NestJS Interceptors to transform responses, log execution times, add timeouts, cache results, and handle errors across routes.

1 file

harness-claude

laravel-middleware-patterns

Provides Laravel middleware best practices: before/after patterns, terminable middleware, groups, parameters, and examples for auth checks, security headers, and request logging.

laravel-claude-agents

Stats

Stars12

Forks6

Last CommitApr 9, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

NestJS Middleware Pattern

Apply NestMiddleware and functional middleware with consumer.forRoutes binding

When to Use

You need to run logic for every request before routing (logging, rate limiting, correlation ID injection)
You are integrating Express middleware (e.g., helmet, compression, cors) into a NestJS app
You need to apply middleware only to specific routes or HTTP methods
You need request-level context that guards and interceptors cannot provide because it must run before route matching

Instructions

Class-based middleware — implements NestMiddleware:

@Injectable()
export class CorrelationIdMiddleware implements NestMiddleware {
  use(req: Request, res: Response, next: NextFunction): void {
    req['correlationId'] = req.headers['x-correlation-id'] ?? randomUUID();
    res.setHeader('X-Correlation-ID', req['correlationId']);
    next();
  }
}

Functional middleware — plain function (preferred when no DI needed):

export function requestLogger(req: Request, res: Response, next: NextFunction): void {
  console.log(`${req.method} ${req.url}`);
  next();
}

Register in module via configure(consumer: MiddlewareConsumer):

@Module({ controllers: [UsersController] })
export class UsersModule implements NestModule {
  configure(consumer: MiddlewareConsumer): void {
    consumer.apply(CorrelationIdMiddleware).forRoutes(UsersController); // apply to entire controller

    consumer.apply(requestLogger).forRoutes({ path: 'users', method: RequestMethod.GET }); // specific method
  }
}

Exclude routes:

consumer
  .apply(AuthMiddleware)
  .exclude({ path: 'auth/login', method: RequestMethod.POST })
  .forRoutes(UsersController);

Global Express middleware — apply directly to the Express instance in main.ts (no NestJS wiring needed):

import helmet from 'helmet';
app.use(helmet());
app.use(compression());

Chain multiple middleware: .apply(Middleware1, Middleware2).forRoutes(...) — they execute in order.

Details

NestJS middleware is equivalent to Express middleware — it receives (req, res, next) and must call next() or terminate the response. It runs before any NestJS-specific pipeline elements (guards, interceptors, pipes).

Middleware vs Guards: Middleware runs before routing. Guards run after routing with handler/controller metadata available. For authentication, use guards (they have ExecutionContext). For infrastructure concerns (logging, tracing, rate limiting), use middleware.

forRoutes() target types:

A controller class — applies to all routes in that controller
A string path — applies to matching URL patterns (supports wildcards)
A { path, method } object — applies to specific HTTP method + path combinations

Class vs functional: Class middleware can inject providers (e.g., LoggerService, ConfigService) through the constructor. Functional middleware is simpler and slightly faster but cannot use DI. Choose functional when no injection is needed.

Execution order: Middleware declared in a module applies only to routes in that module (unless applied globally via app.use()). Import order in AppModule determines middleware execution order across modules.

Async middleware: Both class and functional middleware can be async. Errors thrown (or passed to next(err)) propagate to NestJS exception filters.

Source

https://docs.nestjs.com/middleware

Process

Read the instructions and examples in this document.
Apply the patterns to your implementation, adapting to your specific context.
Verify your implementation against the details and edge cases listed above.

Harness Integration

Type: knowledge — this skill is a reference document, not a procedural workflow.
No tools or state — consumed as context by other skills and agents.

Success Criteria

The patterns described in this document are applied correctly in the implementation.
Edge cases and anti-patterns listed in this document are avoided.