instaserve
Advanced tools
Instant web stack for Node.js
Instaserve uses environment variables for Auth0 and Cloudflare R2 integration. Create a .env file (if your runner supports it) or pass them before the command.
AUTH0_DOMAIN: Your Auth0 domainAUTH0_CLIENT_ID: Your Auth0 Client IDAUTH0_CLIENT_SECRET: Your Auth0 Client Secretlib/r2.js)CLOUDFLARE_ACCOUNT_ID: R2 Account IDCLOUDFLARE_ACCESS_KEY_ID: R2 Access Key IDCLOUDFLARE_SECRET_ACCESS_KEY: R2 Secret Access Key# Run with env vars AUTH0_DOMAIN=... AUTH0_CLIENT_ID=... npx instaserve [options]Generate routes file
npx instaserve generate-routes
generate-routes
Create a sample routes.js file in the current directory
-port <number>
Port to listen on (default: 3000)
-ip <address>
IP address to bind to (default: 127.0.0.1)
-public <path>
Public directory path (default: ./public)
-api <file>
Path to routes file (default: ./routes.js)
-secure
Enable HTTPS (requires cert.pem and key.pem - run ./generate-certs.sh)
-help
Show help message
Instaserve supports HTTPS with self-signed certificates. To enable HTTPS:
Generate certificates:
./generate-certs.sh
This creates cert.pem and key.pem files and adds them to your system's trust store.
Run with HTTPS:
npx instaserve -secure
The certificate generation script:
The routes file (routes.js by default) defines your API endpoints. Each route is a function that handles requests to a specific URL path.
To create a sample routes.js file with example routes and middleware:
npx instaserve generate-routes
This creates a routes.js file in the current directory with example code. If the file already exists, the command will fail to prevent overwriting.
Instaserve validates routes files on startup:
-api is specified and the file doesn't exist, the server will fail to startexport default {
// Handle GET /hello
hello: (req, res, data) => {
return { message: 'Hello World' }
}
}
Routes can be defined with HTTP method prefixes to handle different methods on the same path. Supported methods: GET, POST, PUT, DELETE.
export default {
// Method-specific routes
'POST /users': (req, res, data) => {
return { message: 'Create user', data }
},
'GET /users': (req, res, data) => {
return { message: 'Get users' }
},
'PUT /users': (req, res, data) => {
return { message: 'Update user', data }
},
'DELETE /users': (req, res, data) => {
return { message: 'Delete user', data }
},
// Path-only routes still work (backward compatible)
// These match any HTTP method
hello: (req, res, data) => {
return { message: 'Hello World' }
}
}
Method-specific routes take precedence over path-only routes. If no method-specific route matches, the server falls back to path-only route matching.
Routes starting with _ are middleware functions that run on every request before the main route handler. They are useful for:
Middleware functions can:
false to continue to the next middleware or main routeexport default {
// Log every request
_log: (req, res, data) => {
console.log(`${req.method} ${req.url}`)
return false // Continue processing
},
// Block unauthorized requests
_auth: (req, res, data) => {
if (!data.token) {
res.writeHead(401)
return 'Unauthorized'
}
return false // Continue if authorized
}
}
Each route function receives:
req - The HTTP request objectres - The HTTP response objectdata - Combined data from:
Routes can return a 3-digit number (100-999) to set the HTTP status code with an empty response body:
export default {
'GET /notfound': () => 404,
'GET /unauthorized': () => 401,
'GET /forbidden': () => 403,
'GET /teapot': () => 418, // I'm a teapot
'GET /created': () => 201
}
Routes can also return:
// routes.js
export default {
// Middleware example
_debug: (req, res, data) => {
console.log('Request:', req.url)
return false // Continue to next route
},
// Method-specific routes
'POST /api/users': (req, res, data) => {
return { status: 'created', data }
},
'GET /api/users': (req, res, data) => {
return { status: 'ok', users: [] }
},
'GET /api/notfound': () => 404,
'GET /api/unauthorized': () => 401,
// Path-only route (matches any method)
api: (req, res, data) => {
return { status: 'ok', data }
},
// Error handling
testerror: () => {
throw new Error('Test error')
}
}
The lib/ directory contains useful modules for authentication, storage, and database manipulation.
lib/auth0.js)Provides authentication routes and req.user handling via Auth0.
GET /login, GET /logout, GET /callbackimport auth0 from './lib/auth0.js';
export default {
...auth0,
// other routes
}
lib/r2.js)Utilities for Cloudflare R2 or S3-compatible object storage.
uploadToR2, downloadFromR2, listR2FilesfileRoutes exports helpers for file management.import { fileRoutes } from './lib/r2.js';
export default {
...fileRoutes,
// other routes
}
lib/sqlite.js)Provides a local SQLite database with a per-user Key-Value store.
_auth middleware, CRUD for KV store (/api, /all).import sqliteRoutes from './lib/sqlite.js';
export default {
...sqliteRoutes,
// other routes
}
FAQs
Instant web stack
The npm package instaserve receives a total of 1 weekly downloads. As such, instaserve popularity was classified as not popular.
We found that instaserve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.
Security News
Socket CEO Feross Aboukhadijeh breaks down how North Korea hijacked Axios and what it means for the future of software supply chain security.
Security News
OpenSSF has issued a high-severity advisory warning open source developers of an active Slack-based campaign using impersonation to deliver malware.