Node.js Web Development - Fourth Edition

Node.js Web Development - Fourth Edition

By : David Herron

Buy this Book

Node.js Web Development - Fourth Edition

By: David Herron

Buy this Book

Overview of this book

Node.js is a server-side JavaScript platform using an event-driven, non-blocking I/O model allowing users to build fast and scalable data-intensive applications running in real time. This book gives you an excellent starting point, bringing you straight to the heart of developing web applications with Node.js. You will progress from a rudimentary knowledge of JavaScript and server-side development to being able to create, maintain, deploy and test your own Node.js application.You will understand the importance of transitioning to functions that return Promise objects, and the difference between fs, fs/promises and fs-extra. With this book you'll learn how to use the HTTP Server and Client objects, data storage with both SQL and MongoDB databases, real-time applications with Socket.IO, mobile-first theming with Bootstrap, microservice deployment with Docker, authenticating against third-party services using OAuth, and use some well known tools to beef up security of Express 4.16 applications.

Title Page

Dedication

Packt Upsell

Contributors

Preface

Free Chapter

About Node.js

The capabilities of Node.js

Why should you use Node.js?

Threaded versus event-driven architecture

Embracing advances in the JavaScript language

Node.js, the microservice architecture, and easily testable systems

Node.js and the Twelve-Factor app model

Summary

Setting up Node.js

System requirements

Installing Node.js using package managers

Installing from source on POSIX-like systems

Installing multiple Node.js instances with nvm

Native code modules and node-gyp

Node.js versions policy and what to use

Editors and debuggers

Running and testing commands

NPM – the Node.js package manager

Node.js, ECMAScript 2015/2016/2017, and beyond

Summary

Node.js Modules

Defining a module

Finding and loading CommonJS and JSON modules using require

Finding and loading ES6 modules using import

Hybrid CommonJS/Node.js/ES6 module scenarios

npm - the Node.js package management system

The Yarn package management system

Summary

HTTP Servers and Clients

Sending and receiving events with EventEmitters

HTTP server applications

ES2015 multiline and template strings

HTTP Sniffer – listening to the HTTP conversation

Web application frameworks

Getting started with Express

Calculating the Fibonacci sequence with an Express application

Making HTTP Client requests

Calling a REST backend service from an Express application

Summary

Your First Express Application

Promises, async functions, and Express router functions

Express and the MVC paradigm

Creating the Notes application

Theming your Express application

Scaling up – running multiple Notes instances

Summary

Implementing the Mobile-First Paradigm

Problem – the Notes app isn't mobile friendly

Mobile-first paradigm

Using Twitter Bootstrap on the Notes application

Flexbox and CSS Grids

Mobile-first design for the Notes application

Building a customized Bootstrap

Summary

Data Storage and Retrieval

Data storage and asynchronous code

Logging

Using the ES6 module format

Storing notes in the filesystem

Storing notes with the LevelUP data store

Storing notes in SQL with SQLite3

Storing notes the ORM way with Sequelize

Storing notes in MongoDB

Summary

Multiuser Authentication the Microservice Way

Creating a user information microservice

Securely keeping secrets and passwords

The Notes application stack

Summary

Dynamic Client/Server Interaction with Socket.IO

Introducing Socket.IO

Initializing Socket.IO with Express

Real-time updates on the Notes homepage

Inter-user chat and commenting for Notes

Summary

Deploying Node.js Applications

Notes application architecture and deployment considerations

Traditional Linux Node.js service deployment

Node.js microservice deployment with Docker

Summary

Unit Testing and Functional Testing

Assert – the basis of testing methodologies

Testing a Notes model

Using Docker to manage test infrastructure

Testing REST backend services

Automating test results reporting

Frontend headless browser testing with Puppeteer

Summary

Security

HTTPS/TLS/SSL using Let's Encrypt

Put on your Helmet for across-the-board security

Addressing Cross-Site Request Forgery (CSRF) attacks

Denying SQL injection attacks

Scanning for known vulnerabilities

Using good cookie practices

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Summary

In this chapter, we've covered an extremely important topic, application security. Thanks to the hard work of the Node.js and Express communities, we've been able to tighten the security simply by adding a few bits of code here and there to configure security modules. We've even worked out how to prevent the system from being built, if it's using packages with known vulnerabilities.

Enabling HTTPS means our users have better assurance of security. The SSL certificate is a measure of authenticity that protects against man-in-the-middle security attacks, and the data is encrypted for transmission across the internet. With a little bit of work, we were able to set up a system to acquire, and continuously renew, free SSL certificates from the Let's Encrypt service.

The helmet package provides a suite of tools to set security headers that instruct web browsers on how to treat our content. These settings prevent or mitigate whole classes of security bugs. With the csurf package, we're able...

Node.js Web Development - Fourth Edition

By : David Herron

Node.js Web Development - Fourth Edition

By: David Herron

Overview of this book

Related Content you might be interested in

Current Title:

Node.js Web Development - Fourth Edition

Node Cookbook

RESTful Web API Design with Node.js 10

Summary