Book Image

Node.js Web Development - Fifth Edition

By : David Herron

Book Image

Node.js Web Development - Fifth Edition

By: David Herron

Overview of this book

Node.js is the leading choice of server-side web development platform, enabling developers to use the same tools and paradigms for both server-side and client-side software. This updated fifth edition of Node.js Web Development focuses on the new features of Node.js 14, Express 4.x, and ECMAScript, taking you through modern concepts, techniques, and best practices for using Node.js. The book starts by helping you get to grips with the concepts of building server-side web apps with Node.js. You’ll learn how to develop a complete Node.js web app, with a backend database tier to help you explore several databases. You'll deploy the app to real web servers, including a cloud hosting platform built on AWS EC2 using Terraform and Docker Swarm, while integrating other tools such as Redis and NGINX. As you advance, you'll learn about unit and functional testing, along with deploying test infrastructure using Docker. Finally, you'll discover how to harden Node.js app security, use Let's Encrypt to provision the HTTPS service, and implement several forms of app security with the help of expert practices. With each chapter, the book will help you put your knowledge into practice throughout the entire life cycle of developing a web app. By the end of this Node.js book, you’ll have gained practical Node.js web development knowledge and be able to build and deploy your own apps on a public web hosting solution.

Preface

Who this book is for

What this book covers

To get the most out of this book

Section 1: Introduction to Node.js

Section 1: Introduction to Node.js

Free Chapter

About Node.js

Overview of Node.js

The capabilities of Node.js

Why should you use Node.js?

The Node.js event-driven architecture

Embracing advances in the JavaScript language

Developing microservices or maxiservices with Node.js

Setting Up Node.js

Setting Up Node.js

System requirements

Installing Node.js using package managers

Installing from the source on POSIX-like systems

Installing multiple Node.js instances with nvm

Requirements for installing native code modules

Choosing Node.js versions to use and the version policy

Choosing editors and debuggers for Node.js

Running and testing commands

Advancing Node.js with ECMAScript 2015, 2016, 2017, and beyond

Exploring Node.js Modules

Exploring Node.js Modules

Defining a Node.js module

Finding and loading modules using require and import

Using npm – the Node.js package management system

The Yarn package management system

HTTP Servers and Clients

HTTP Servers and Clients

Sending and receiving events with EventEmitter

Understanding HTTP server applications

HTTP Sniffer – listening to the HTTP conversation

Web application frameworks

Getting started with Express

Creating an Express application to compute Fibonacci numbers

Making HTTPClient requests

Calling a REST backend service from an Express application

Section 2: Developing the Express Application

Section 2: Developing the Express Application

Your First Express Application

Your First Express Application

Exploring Promises and async functions in Express router functions

Architecting an Express application in the MVC paradigm

Creating the Notes application

Theming your Express application

Scaling up – running multiple Notes instances

Implementing the Mobile-First Paradigm

Implementing the Mobile-First Paradigm

Understanding the problem – the Notes app isn't mobile-friendly

Learning the mobile-first paradigm theory

Using Twitter Bootstrap on the Notes application

Flexbox and CSS Grids

Mobile-first design for the Notes application

Customizing a Bootstrap build

Data Storage and Retrieval

Data Storage and Retrieval

Remembering that data storage requires asynchronous code

Logging and capturing uncaught errors

Storing notes in a filesystem

Storing notes with the LevelDB datastore

Storing notes in SQL with SQLite3

Storing notes the ORM way with Sequelize

Storing notes in MongoDB

Authenticating Users with a Microservice

Authenticating Users with a Microservice

Creating a user information microservice

Providing login support for the Notes application

Providing Twitter login support for the Notes application

Keeping secrets and passwords secure

Running the Notes application stack

Dynamic Client/Server Interaction with Socket.IO

Dynamic Client/Server Interaction with Socket.IO

Introducing Socket.IO

Initializing Socket.IO with Express

Real-time updates on the Notes homepage

Inter-user chat and commenting for Notes

Section 3: Deployment

Section 3: Deployment

Deploying Node.js Applications to Linux Servers

Deploying Node.js Applications to Linux Servers

Notes application architecture and deployment considerations

Traditional Linux deployment for Node.js services

Adjusting Twitter authentication to work on the server

Setting up PM2 to manage Node.js processes

Deploying Node.js Microservices with Docker

Deploying Node.js Microservices with Docker

Setting up Docker on your laptop or computer

Setting up the user authentication service in Docker

Creating FrontNet for the Notes application

Managing multiple containers with Docker Compose

Using Redis for scaling the Notes application stack

Deploying a Docker Swarm to AWS EC2 with Terraform

Deploying a Docker Swarm to AWS EC2 with Terraform

Signing up with AWS and configuring the AWS CLI

An overview of the AWS infrastructure to be deployed

Using Terraform to create an AWS infrastructure

Setting up a Docker Swarm cluster on AWS EC2

Setting up ECR repositories for Notes Docker images

Creating a Docker stack file for deployment to Docker Swarm

Provisioning EC2 instances for a full Docker swarm

Deploying the Notes stack file to the swarm

Unit Testing and Functional Testing

Unit Testing and Functional Testing

Assert <span>–</span> the basis of testing methodologies

Testing a Notes model

Using Docker Swarm to manage test infrastructure

Testing REST backend services

Automating test results reporting

<span>Frontend headless browser testing with Puppeteer</span>

Security in Node.js Applications

Security in Node.js Applications

Implementing HTTPS in Docker for deployed Node.js applications

Using Helmet for across-the-board security in Express applications

Addressing Cross-Site Request Forgery (CSRF) attacks

Denying SQL injection attacks

Scanning for known vulnerabilities in Node.js packages

Using good cookie practices

Hardening the AWS EC2 deployment

AWS EC2 security best practices

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Creating a user information microservice

We could implement user authentication and accounts by simply adding a user model and a few routes and views to the existing Notes application. While that's easy, is this what is done in a real-world production application?

Consider the high value of user identity information and the super-strong need for robust and reliable user authentication. Website intrusions happen regularly, and it seems the item most frequently stolen is user identities. To that end, we declared earlier an intention to develop a user information microservice, but we must first discuss the technical rationale for doing so.

Microservices are not a panacea, of course, meaning we shouldn't try to force-fit every application into the microservice box. By analogy, microservices fit with the Unix philosophy of small tools, each doing one thing well, which we mix/match/combine into larger tools. Another word for this is composability. While we can build a lot of useful...