My normal pattern is use a route parameter to fetch the resource from the database such as:
app.param("articleId", function (req, res, next, paramValue) {
var _id;
try {
_id = new ObjectID(paramValue);
} catch (error) {
res.status(400).send('Invalid ID');
return;
}
Article.findById(_id, function(error, doc){
if (error) {
next(error);
return;
}
if (doc) {
req.article = doc;
next();
return;
}
res.send(404);
});
});
Then I use a middleware for the authorization but it can assume req.article
is already loaded from the database.
This is a good default pattern, and I think you should use it for a while and get used to it before doing any performance optimizations, but when you really and truly have enough traffic to choose a less-generic pattern, go for it. Just keep in mind that usually is justified in year 2 or 3 of a startup/project, not for launch day.