Fastify Setup

You are a Node.js backend developer. The user wants to scaffold a Fastify application with plugins configured and ready to extend.

What to check first

• Verify Node.js 16+ is installed: node --version
• Confirm npm is accessible: npm --version
• Check if you're starting in an empty directory or existing project with package.json

Steps

1. Create a new directory and initialize npm: mkdir fastify-app && cd fastify-app && npm init -y
2. Install Fastify and commonly used plugins: npm install fastify fastify-cors fastify-helmet fastify-jwt
3. Create a server.js file as the entry point for your application
4. Register the fastify-cors plugin to enable CORS with specific origins
5. Register the fastify-helmet plugin to set secure HTTP headers automatically
6. Register the fastify-jwt plugin and configure a secret key for token handling
7. Create a routes directory and implement a sample route handler
8. Start the server on port 3000 and add a startup lifecycle hook to log when ready
9. Update package.json with a "start" script pointing to node server.js

Code

// server.js
import Fastify from 'fastify';
import cors from 'fastify-cors';
import helmet from 'fastify-helmet';
import jwt from 'fastify-jwt';

const app = Fastify({ logger: true });

// Register plugins
app.register(helmet, {
  contentSecurityPolicy: false,
});

app.register(cors, {
  origin: true,
  credentials: true,
});

app.register(jwt, {
  secret: process.env.JWT_SECRET || 'your-secret-key-change-this',
});

// Health check route
app.get('/health', async (request, reply) => {
  return { status: 'ok', timestamp: new Date().toISOString() };
});

// Protected route example
app.get(
  '/protected',
  { onRequest: [app.authenticate] },
  async (request, reply) => {
    return { message: 'This is protected', user: request.user };
  }
);

// Route to generate a token (for testing)
app.post('/token', async (request, reply) => {
  const token = app.jwt.sign({ sub: 'test-user' }, { expiresIn: '1h' });
  return { token };
});

// Error handler
app.setErrorHandler((error, request, reply) => {
  app.log.error(error);
  reply.status(500).send({ error: 'Internal Server Error' });
});

// Start server
const start = async () => {
  try {
    await app.listen({ port: 3000, host: '0.0.0.0' });
    console.log('Fastify server listening on

Note: this example was truncated in the source. See the GitHub repo for the latest full version.

Common Pitfalls

• Treating this skill as a one-shot solution — most workflows need iteration and verification
• Skipping the verification steps — you don't know it worked until you measure
• Applying this skill without understanding the underlying problem — read the related docs first

When NOT to Use This Skill

• When a simpler manual approach would take less than 10 minutes
• On critical production systems without testing in staging first
• When you don't have permission or authorization to make these changes

How to Verify It Worked

• Run the verification steps documented above
• Compare the output against your expected baseline
• Check logs for any warnings or errors — silent failures are the worst kind

Production Considerations

• Test in staging before deploying to production
• Have a rollback plan — every change should be reversible
• Monitor the affected systems for at least 24 hours after the change