What are the req and res objects in Express.js?

req and res in Express.js

Every Express route handler receives two key objects: req (request) and res (response). They are enhanced versions of Node.js's built-in http.IncomingMessage and http.ServerResponse.

The Request Object (req)

req contains everything about the incoming HTTP request.

URL & Routing

// Route: GET /api/users/:id?include=posts
app.get('/api/users/:id', (req, res) => {
  req.params.id        // '42'  — URL parameter
  req.query.include    // 'posts' — query string
  req.path             // '/api/users/42'
  req.originalUrl      // '/api/users/42?include=posts'
  req.method           // 'GET'
  req.hostname         // 'example.com'
  req.protocol         // 'https'
  req.secure           // true (if HTTPS)
  req.ip               // '192.168.1.1'
});

Request Body

app.use(express.json());         // enables req.body for JSON
app.use(express.urlencoded());   // enables req.body for form data

app.post('/users', (req, res) => {
  req.body.name   // from JSON or form body
  req.body.email
});

Headers & Cookies

req.headers                      // all headers (lowercase keys)
req.headers['authorization']     // 'Bearer eyJ...'
req.get('Content-Type')          // helper: get header by name
req.cookies.sessionId            // requires cookie-parser middleware
req.signedCookies.userId         // signed cookies

Custom Properties (set by middleware)

// Auth middleware sets req.user
req.user        // { id: 1, role: 'admin' }
req.db          // database connection
req.requestId   // custom request ID

The Response Object (res)

res is used to send the HTTP response back to the client.

Sending Responses

res.send('Hello')               // text/HTML, auto Content-Type
res.json({ data: 'value' })     // application/json
res.sendFile('/path/to/file')   // send a file
res.download('/file.pdf')       // trigger browser download
res.render('template', { data })// render template engine view
res.status(404).send('Not Found')

Status Codes

res.status(200).json(data)   // OK
res.status(201).json(data)   // Created
res.status(204).send()       // No Content
res.status(400).json({ error: 'Bad Request' })
res.status(401).json({ error: 'Unauthorized' })
res.status(403).json({ error: 'Forbidden' })
res.status(404).json({ error: 'Not Found' })
res.status(500).json({ error: 'Internal Server Error' })

Headers & Redirects

res.set('X-Custom-Header', 'value')  // set a header
res.set({ 'X-A': '1', 'X-B': '2' }) // set multiple
res.type('json')                      // set Content-Type
res.redirect('/new-url')             // 302 redirect
res.redirect(301, '/permanent')      // permanent redirect
res.cookie('token', 'abc', {         // set cookie
  httpOnly: true,
  secure: true,
  maxAge: 86400000
})
res.clearCookie('token')             // clear cookie

Chaining

Most res methods return res, so you can chain:

res
  .status(201)
  .set('X-Created-Id', String(user.id))
  .json({ success: true, data: user });

res.locals

Pass data from middleware to route handlers:

// Middleware
app.use((req, res, next) => {
  res.locals.user = req.user;
  res.locals.requestId = crypto.randomUUID();
  next();
});

// Route handler
app.get('/profile', (req, res) => {
  res.render('profile', { user: res.locals.user });
});

req and res are the two pillars of every Express handler. Master their properties and methods — especially req.params, req.query, req.body, res.json(), res.status(), and res.redirect() — and you can handle virtually any HTTP interaction.

Short Answer

Interview ready

Premium

A concise answer to help you respond confidently on this topic during an interview.

Finished reading?

Practice Problems