716
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill expo/skills --skill expo-api-routes- SKILL.md8.5 KB
Overview
This skill provides practical guidelines for building API routes in Expo Router and deploying them to EAS Hosting. It covers file structure, request handling, environment variables, CORS, error handling, and Cloudflare Workers runtime constraints. Use it to create secure, server-side endpoints for mobile and web apps built with Expo.
How this skill works
API routes live under the app directory with +api.ts suffix and export functions named for HTTP methods (GET, POST, PUT, DELETE, OPTIONS). Routes run on EAS Hosting using Cloudflare Workers, so you use Web APIs (Request, Response, fetch, crypto) and process.env for secrets. The skill shows patterns for dynamic routes, parsing query params/headers/json bodies, CORS, error handling, and connecting to cloud databases.
When to use it
- When you must keep server-side secrets (API keys, database credentials) off the client
- To perform direct database operations or server-side validation before writes
- To proxy third-party APIs and hide keys (OpenAI, Stripe, etc.)
- For webhook endpoints and rate limiting at the server level
- To offload heavy computation that would be slow on mobile
Best practices
- Never expose secrets to client code; use process.env and EAS env:create for production
- Validate and sanitize all input; return proper HTTP status codes for errors
- Keep each API route focused on a single responsibility
- Handle errors with try/catch and log server-side for debugging
- Prefer Web APIs and polyfills; avoid Node-only modules and filesystem usage
Example use cases
- Create /api/users to handle CRUD operations with a cloud database (Turso, PlanetScale, Supabase)
- Proxy OpenAI requests server-side to protect API keys and transform responses
- Implement a webhook endpoint for Stripe or GitHub with signature verification
- Expose a rate-limited endpoint for resource-intensive image processing
- Provide an auth-protected /api/protected route using a requireAuth middleware
FAQ
Use eas env:create or the Expo dashboard to create secrets for production; never commit .env files.
Can I use Node.js modules like fs or native crypto?
No. EAS Hosting runs on Cloudflare Workers which lack Node filesystem and native modules; use Web Crypto and web-friendly libraries.