NodeJS, Treehouse, API, Secure, Customisable
npm install tree-house@3.0.0



NodeJS utilities and handy helpers extending ExpressJS functionalities

Install via npm

npm install tree-house

or via yarn

yarn add tree-house


const treehouse = require('tree-house')
import * as treehouse from 'tree-house'


setBasicSecurity(app, route, options)

Set some basic Express security using cors and helmet.

const app = express();

treehouse.setBasicSecurity(app, '*', {
  cors: {},   // cors options
  helmet: {}, // helmet options

setBodyParser(app, route, options)

Set a body parser using the body-parser module

const app = express();

treehouse.setBodyParser(app, '*', {
  json: {},   // json options
  raw: {}, // raw options
  text: {}, // text options
  urlEncoded: {}, // urlEncoded options


Get a rate limiter instance to prevent brute force attacks. This can be used as a middleware in Express. At the moment there is support for a built in-memorystore or Redis. Both use the express-rate-limit module.

const app = express();

// In memory store (development purposes)
const globalRateLimiter = treehouse.getRateLimiter({
  max: 100, // limit each IP to 100 requests per windowMs
  delayMs: 0 // disable delaying - full speed until the max limit is reached
  windowMs: 60 * 60 * 1000, // 1 hour window
    "Too many accounts created from this IP, please try again after an hour"

app.use('/login', globalRateLimiter, ...);

// Using existing Redis client
  redis: {
    client: existingClient, // All Redis options or 'client' to use an existing client (see rate-limit-redis)


handleAsyncFn((req, res, next(optional)) => { ... })

Express middleware that wraps and executes a given function with try/catch to avoid unhandled promises within Express.

const app = express();

function getAllUsers(req, res) {
  //  res.send(users) -> return users...
  // or
  // if an unhandled error occurs this will be passed onto the Express error handler instead of raising an UnhandledPromiseRejectionError

app.use('/users', treehouse.handleAsyncFn(getAllUsers));


startServer(app, options)

Start an http or https server using an express instance

const app = express();

treehouse.startServer(app, {
  port: 3000,
  title: 'My app',
  pre: preFn,       // function to execute before starting server (optional)
  post: postFn,     // function to execute after starting server (optional) - will contain the http server as first argument
  https: {          // optional
    port: 3001,
    privateKey: 'assets/ssl.key',
    certificate: 'assets/ssl.cert',
  keepAliveTimeout: 60000, // optional
  headersTimeout: 60000, // optional


setSwagger(app, route, filePath, options)

Serve Swagger UI via the a provided Swagger yaml file OR folder with valid structure and yaml files.

YAML file implementation

const app = express();

await treehouse.setSwagger(app, '/documentation', 'documentation/swagger.yml', {
  host: 'localhost:3000',
  schemes: ['http'],

Folder implementation with valid structure


├── validFolderName
|   ├── index.yml # contains basic info + definition models
|   └── routes
|          ├── route1.yml
|          └── randomName.yml
|          ├── ... # more yml files

Example code

const app = express();

treehouse.setSwagger(app, '/documentation', 'documentation/validFolderName', {
  host: 'localhost:3000',
  schemes: ['http'],
  concatenate : true, // The property to enable folder functionality


validateSchema(schema, options)

Express middleware to validate a Joi schema using the express-validation module. This will throw an error as an instance of ExpressValidationError if the Joi validation fails.

const schema =   {
  body: Joi.object({
    name: Joi.string().required(),
};'/my-endpoint', treehouse.validateSchema(schema), ...);


  • You can run npm run test to run all tests
  • You can run npm run test:coverage to run all tests with coverage report


When you find issues, please report them:

Be sure to include all of the output from the npm command that didn't work as expected. The npm-debug.log file is also helpful to provide.


See the list of contributors who participated in this project.


This project is licensed under the ISC License - see the file for details