Book Image

Node Cookbook

By : David Mark Clements
Book Image

Node Cookbook

By: David Mark Clements

Overview of this book

The principles of asynchronous event-driven programming are perfect for today's web, where efficient real-time applications and scalability are at the forefront. Server-side JavaScript has been here since the 90's but Node got it right. With a thriving community and interest from Internet giants, it could be the PHP of tomorrow. "Node Cookbook" shows you how to transfer your JavaScript skills to server side programming. With simple examples and supporting code, "Node Cookbook" talks you through various server side scenarios often saving you time, effort, and trouble by demonstrating best practices and showing you how to avoid security faux pas. Beginning with making your own web server, the practical recipes in this cookbook are designed to smoothly progress you to making full web applications, command line applications, and Node modules. Node Cookbook takes you through interfacing with various database backends such as MySQL, MongoDB and Redis, working with web sockets, and interfacing with network protocols, such as SMTP. Additionally, there are recipes on correctly performing heavy computations, security implementations, writing, your own Node modules and different ways to take your apps live.

Related Content you might be interested in

Current Title:

Small book image
Node Cookbook
David Mark Clements
Jul, 2012 | 342 pages
No titles found
Table of Contents (16 chapters)
Node Cookbook
Node Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Making a Web Server
Making a Web Server
Introduction
Setting up a router
Serving static files
Caching content in memory for immediate delivery
Optimizing performance with streaming
Securing against filesystem hacking exploits
2
Exploring the HTTP Object
Exploring the HTTP Object
Introduction
Processing POST data
Handling file uploads
Using Node as an HTTP client
Implementing download throttling
3
Working with Data Serialization
Working with Data Serialization
Introduction
Converting an object to JSON and back again
Converting an object to XML and back again
Browser-server transmission via AJAX
Working with real data: fetching trending tweets
4
Interfacing with Databases
Interfacing with Databases
Introduction
Writing to a CSV file
Connecting and sending SQL to a MySQL server
Storing and retrieving data with MongoDB
Storing and retrieving data with Mongoskin
Storing data to CouchDB with Cradle
Retrieving data from CouchDB with Cradle
Accessing CouchDB changes stream with Cradle
Storing and retrieving data with Redis
Implementing PubSub with Redis
5
Transcending AJAX: Using WebSockets
Transcending AJAX: Using WebSockets
Introduction
Creating a WebSocket server
Seamless fallbacking with socket.io
Callbacks over socket.io transport
Creating a real-time widget
6
Accelerating Development with Express
Accelerating Development with Express
Introduction
Generating Express scaffolding
Defining and applying environments
Dynamic routing
Templating in Express
CSS engines with Express
Initializing and using a session
Making an Express web app
7
Implementing Security, Encryption, and Authentication
Implementing Security, Encryption, and Authentication
Introduction
Implementing Basic Authentication
Cryptographic password hashing
Implementing Digest Authentication
Setting up an HTTPS web server
Preventing cross-site request forgery
8
Integrating Network Paradigms
Integrating Network Paradigms
Introduction
Sending email
Sending SMS
Communicating with TCP
Creating an SMTP server
Implementing a virtual hosting paradigm
9
Writing Your Own Node Modules
Writing Your Own Node Modules
Introduction
Creating a test-driven module API
Writing a functional module mock-up
Refactoring from functional to prototypical
Extending the module's API
Deploying a module to npm
10
Taking It Live
Taking It Live
Introduction
Deploying to a server environment
Automatic crash recovery
Continuous deployment
Hosting with a Platform as a Service provider

Implementing Digest Authentication

Digest Authentication combines Basic Authentication with MD5 encryption, thus avoiding the transmission of plain text passwords, making for a more secure login method over plain HTTP.

On its own, Digest Authentication is still insecure without an SSL/TLS-secured HTTPS connection. Anything over plain HTTP is vulnerable to man in the middle attacks, where an adversary can intercept requests and forge responses. An attacker could masquerade as the server, replacing the expected Digest response with a Basic Authentication response, thus gaining the password in plain text.

Nevertheless, in the absence of SSL/TLS, Digest Authentication at least affords us some defense in the area of plain text passwords requiring more advanced circumvention techniques.

So in this recipe, we will create a Digest Authentication server.

Getting ready

To begin with, we simply have to create a new folder with a new server.js file.

How to do it...

As in the Basic Authentication recipe...

Previous Section
End of Section 5
Next Section