
Best Practices for Http Api Error Response Handling

Best Practices for HTTP API Error Handling

  1. be easy and flexible to humans
  2. support richer error codes with custom 5-digit errno
  3. auto detect standard HTTP_STATUS_CODES with status
  4. auto generate random request_id
  5. JSON-API Response:
  • responseData:{ <int:code>, <str:error> ,<str:request_id> }
  • responseDataV2: { <obj:error> , <str:request_id> }


require nodejs > v7.6.0 for class extends support

npm install js-http-errors

parameters (attributes of ApiError)

  • @status :int:alias=status_code:

    • HTTP STATUS CODE, default = 400
    • HTTP返回状态码,默认值400
  • @message :str:alias=error_msg:

    • error message content
    • 错误文本信息
  • @errno :int:alias=code:

    • error code, default=40000
    • suggest to use 5-digit number with its first 3-digit represent HTTP STATUS CODE
    • 错误码, 默认值为 40000, 建议使用 5 位数,其中前 3 位应设计等于 http status code 返回状态码
  • @trackError:object:

    • Original Error Tracked by ApiError, default is null
    • 原始错误Error,默认值为 null


1. ApiError

const http_errors = require("js-http-errors");

// 0. support init Error by `new ApiError` || `ApiError.new` || `apiError` 
let e1 = new http_errors.ApiError(40100);
let e2 = new http_errors.ApiError(401);
let e3 = new http_errors.ApiError({errno:40102, message:"require re-login"});

// or 
let e4 = http_errors.ApiError.new(40100);
let e5 = http_errors.ApiError.new(401);
let e6 = http_errors.ApiError.new({errno:40102, message:"require re-login"});

// or
let e7 = http_errors.apiError(40100);
let e8 = http_errors.apiError(401);

// 1. json response data with random request_id
    code: 40100,
    error: 'User Require Login',
    request_id: 'X6822759T8242827'

    request_id: 'X6822759T5B7U3TR',
    error: {
        name: 'ApiError',
        errno: 40100,
        message: 'Unauthorized',
        trackError: null

// 2. suggest to use `apiError` or `apiError.new`, avoid to renew ApiError duplicated 
let e9 = http_errors.apiError({errno:40102, message:"require re-login"});
let e10 = http_errors.apiError(e9);     
// e9 === e10 , while e9 !== new http_errors.ApiError(e9)

// 3. throw Error immediately by `abort`
http_errors.abort(401);             // detect message from HTTP_STATUS_CODES                  
http_errors.abort(40100);           // detect message from defaultErrnoMessages

let err = new Error("Local Error")
http_errors.abort(403, err);            
// equal to: `http_errors.abort({status:403, trackError:err});`         


  • Auto detect error message by status with HTTP_STATUS_CODES
  • Want to customize the HTTP_STATUS_CODES ?
const HTTP_STATUS_CODES = require("js-http-errors").HTTP_STATUS_CODES;
HTTP_STATUS_CODES[401] = "Login Required"

3. ErrnoMessages

  • richer error codes and messages
const defaultErrnoMessages = {
    40000: 'Unknown Error',
    40005: 'Invalid Http Request',
    40099: 'Mysql Execute Error',
    40100: 'User Require Login',
    40300: 'User Forbidden/Unauthorized',
    40400: 'Source Not Found',
    40900: 'SqlError: You should not insert a duplicated item to database',
  • you may update the defaultErrnoMessages to customize errno messages
const defaultErrnoMessages = require("js-http-errors").defaultErrnoMessages;
defaultErrnoMessages[40041] = "Invalid Password"
  • suggest to use 5-digit-number with its first 3-digit represent HTTP STATUS CODE