Book Image

Advanced Express Web Application Development

By : Andrew Keig
Book Image

Advanced Express Web Application Development

By: Andrew Keig

Overview of this book

Building an Express application that is reliable, robust, maintainable, testable, and can scale beyond a single server requires a bit of extra thought and effort. Express applications that need to survive in a production environment will need to reach out to the Node ecosystem and beyond, for support.You will start by laying the foundations of your software development journey, as you drive-out features under test. You will move on quickly to expand on your existing knowledge, learning how to create a web API and a consuming client. You will then introduce a real-time element in your application.Following on from this, you will begin a process of incrementally improving your application as you tackle security, introduce SSL support, and how to handle security vulnerabilities. Next, the book will take you through the process of scaling and then decoupling your application. Finally, you will take a look at various ways you can improve your application's performance and reliability.

Related Content you might be interested in

Current Title:

Small book image
Advanced Express Web Application Development
Andrew Keig
Nov, 2013 | 148 pages
No titles found
Table of Contents (14 chapters)
Advanced Express Web Application Development
Advanced Express Web Application Development
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Foundations
Foundations
Feature set
Installation
package.json
Testing Express with Mocha and SuperTest
Feature: Heartbeat
Continuous testing with Mocha
Code coverage with Mocha and JSCoverage
Configuring Express with Nconf
Extracting routes
404 handling middleware
Logging middleware
Logging with Winston
Task automation with Grunt
Summary
2
Building a Web API
Building a Web API
Persisting data with MongoDB and Mongoose
GitHub tokens
Feature: Create a project
Feature: Get a project
Feature: Edit a project
Feature: Delete a project
Feature: List projects
GitHub API
Feature: List repositories
Feature: List commits
Feature: List issues
Validating parameters with param middleware
Route improvements
Summary
3
Templating
Templating
Server-side templating
Feature: Master Page
Package management with Bower
Templates
Client-side development with Backbone.js
Feature: List projects
Feature: List repositories
Feature: Create a project
Feature: Edit a project
Feature: Delete a project
Feature: List commits
Feature: List issues
Summary
4
Real-time Communication
Real-time Communication
Caching data with Redis
Populating Redis
Socket.IO
Socket.IO on the client
Scheduling Redis population
Summary
5
Security
Security
Setting up Passport
Acceptance testing with Cucumber and Zombie.js
Feature: Authentication
Securing our site with HTTPS
Sharing Express sessions with Socket.IO
Cross-site request forgery
Improving security with HTTP headers and helmet
Summary
6
Scaling
Scaling
Scaling Express sessions with Redis
Scaling Socket.IO with Redis
Scaling Express horizontally
Vertical scale with Cluster
Balancing load with Hipache
Summary
7
Production
Production
Error handling, domains, and crash-only design
Redis sessions
SSL termination
Caching
Favicon
Compression
Logging
Summary
Index
Index

Sharing Express sessions with Socket.IO

Now that we have session support in place, we can share the session with Socket.IO allowing us to accept or reject the connection based on this session data. Express and Socket.IO do this using a handshake mechanism. When a client connects to the server, the handshake is initiated, which consists of executing an authorization function on Socket.IO. Here, the cookie associated with the handshake request is examined and rejected if invalid. Let's install session.socket.io; a module that has wrapped up this process:

npm install session.socket.io --save

First off, let's change our Express server, ./lib/express/index.js, and pass to our SocketHandler module the sessionStore and the cookieParser:

var socketHandler = new SocketHandler(httpServer, sessionStore, cookieParser);

The SocketHandler module now accepts the parameters httpServer, sessionStore, and cookieParser. The SocketHandler will now instantiate a SessionSockets module passing socketIo, the sessionStore...

Previous Section
End of Section 6
Next Section