O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Node.js Web Development - Fourth Edition

Book Description

Create real-time applications using Node.js 10, Docker, MySQL, MongoDB, and Socket.IO with this practical guide and go beyond the developer's laptop to cover live deployment, including HTTPS and hardened security.

About This Book
  • Learn server-side JavaScript coding through the most up-to-date book on Node.js
  • Explore the latest JavaScript features, and EcmaScript modules
  • Walk through different stages of developing robust applications using Node.js 10
Who This Book Is For

This book is for anybody looking for an alternative to the "P" languages (Perl, PHP, and Python), or anyone looking for a new paradigm of server-side application development. You should have at least a rudimentary understanding of JavaScript and web application development.

What You Will Learn
  • Install and use Node.js 10 for both development and deployment
  • Use the Express 4.16 application framework
  • Work with REST service development using the Restify framework
  • Use data storage engines such as MySQL, SQLITE3, and MongoDB
  • Use User authentication methods with OAuth2
  • Perform Real-time communication with the front-end using Socket.IO
  • Implement Docker microservices in development, testing and deployment
  • Perform unit testing with Mocha 5.x, and functional testing with Puppeteer 1.1.x
  • Work with HTTPS using Let's Encrypt, and application security with Helmet
In Detail

Node.js is a server-side JavaScript platform using an event-driven, non-blocking I/O model allowing users to build fast and scalable data-intensive applications running in real time.

This book gives you an excellent starting point, bringing you straight to the heart of developing web applications with Node.js. You will progress from a rudimentary knowledge of JavaScript and server-side development to being able to create, maintain, deploy and test your own Node.js application.You will understand the importance of transitioning to functions that return Promise objects, and the difference between fs, fs/promises and fs-extra. With this book you'll learn how to use the HTTP Server and Client objects, data storage with both SQL and MongoDB databases, real-time applications with Socket.IO, mobile-first theming with Bootstrap, microservice deployment with Docker, authenticating against third-party services using OAuth, and use some well known tools to beef up security of Express 4.16 applications.

Style and approach

Benefit from an easy, step-by-step approach that really works.

Downloading the example code for this book You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

Table of Contents

  1. Title Page
  2. Copyright and Credits
    1. Node.js Web Development Fourth Edition
  3. Dedication
  4. Packt Upsell
    1. Why subscribe?
    2. PacktPub.com
  5. Contributors
    1. About the author
    2. About the reviewer
    3. Packt is searching for authors like you
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Conventions used
    4. Get in touch
      1. Reviews
  7. About Node.js
    1. The capabilities of Node.js
      1. Server-side JavaScript
    2. Why should you use Node.js?
      1. Popularity
      2. JavaScript at all levels of the stack
      3. Leveraging Google's investment in V8
      4. Leaner, asynchronous, event-driven model
      5. Microservice architecture
      6. Node.js is stronger for having survived a major schism and hostile fork
    3. Threaded versus event-driven architecture
      1. Performance and utilization
        1. Is Node.js a cancerous scalability disaster?
      2. Server utilization, the business bottom line, and green web hosting
    4. Embracing advances in the JavaScript language
      1. Deploying ES2015/2016/2017/2018 JavaScript code
    5. Node.js, the microservice architecture, and easily testable systems
    6. Node.js and the Twelve-Factor app model
    7. Summary
  8. Setting up Node.js
    1. System requirements
    2. Installing Node.js using package managers
      1. Installing on macOS with MacPorts
      2. Installing on macOS with Homebrew
      3. Installing on Linux, *BSD, or Windows from package management systems
        1. Installing Node.js in the Windows Subsystem for Linux (WSL)
        2. Opening an administrator-privileged PowerShell on Windows
      4. Installing the Node.js distribution from nodejs.org
    3. Installing from source on POSIX-like systems
      1. Installing prerequisites
      2. Installing developer tools on macOS
      3. Installing from source for all POSIX-like systems
      4. Installing from source on Windows
    4. Installing multiple Node.js instances with nvm
      1. Installing nvm on Windows
    5. Native code modules and node-gyp
    6. Node.js versions policy and what to use
    7. Editors and debuggers
    8. Running and testing commands
      1. Node.js's command-line tools
      2. Running a simple script with Node.js
      3. Conversion to async functions and the Promise paradigm
      4. Launching a server with Node.js
    9. NPM – the Node.js package manager
    10. Node.js, ECMAScript 2015/2016/2017, and beyond 
      1. Using Babel to use experimental JavaScript features
    11. Summary
  9. Node.js Modules
    1. Defining a module
      1. CommonJS and ES2015 module formats
        1. CommonJS/Node.js module format
        2. ES6 module format
        3. JSON modules
        4. Supporting ES6 modules on older Node.js versions
      2. Demonstrating module-level encapsulation
    2. Finding and loading CommonJS and JSON modules using require
      1. File modules
      2. Modules baked into Node.js binary
      3. Directories as modules
      4. Module identifiers and pathnames
      5. An example of application directory structure
    3. Finding and loading ES6 modules using import
    4. Hybrid CommonJS/Node.js/ES6 module scenarios
      1. Dynamic imports with import()
      2. The import.meta feature
    5. npm - the Node.js package management system
      1. The npm package format
      2. Finding npm packages
      3. Other npm commands
      4. Installing an npm package
        1. Installing a package by version number
        2. Global package installs
        3. Avoiding global module installation
      5. Maintaining package dependencies with npm
        1. Automatically updating package.json dependencies
        2. Fixing bugs by updating package dependencies
      6. Packages that install commands
        1. Configuring the PATH variable to handle commands installed by modules
        2. Configuring the PATH variable on Windows
        3. Avoiding modifications to the PATH variable
      7. Updating outdated packages you've installed
      8. Installing packages from outside the npm repository
      9. Initializing a new npm package
      10. Declaring Node.js version compatibility
      11. Publishing an npm package
      12. Explicitly specifying package dependency version numbers
    6. The Yarn package management system
    7. Summary
  10. HTTP Servers and Clients
    1. Sending and receiving events with EventEmitters
      1. JavaScript classes and class inheritance
      2. The EventEmitter Class
      3. The EventEmitter theory
    2. HTTP server applications
    3. ES2015 multiline and template strings
    4. HTTP Sniffer – listening to the HTTP conversation
    5. Web application frameworks
    6. Getting started with Express
      1. Setting environment variables in Windows cmd.exe command line
      2. Walking through the default Express application
      3. The Express middleware
      4. Middleware and request paths
      5. Error handling
    7. Calculating the Fibonacci sequence with an Express application
      1. Computationally intensive code and the Node.js event loop
        1. Algorithmic refactoring
    8. Making HTTP Client requests
    9. Calling a REST backend service from an Express application
      1. Implementing a simple REST server with Express
      2. Refactoring the Fibonacci application for REST
      3. Some RESTful modules and frameworks
    10. Summary
  11. Your First Express Application
    1. Promises, async functions, and Express router functions
      1. Promises and error handling
      2. Flattening our asynchronous code
      3. Promises and generators birthed async functions
    2. Express and the MVC paradigm
    3. Creating the Notes application
      1. Your first Notes model
        1. Understanding ES-2015 class definitions
        2. Filling out the in-memory Notes model
      2. The Notes home page
      3. Adding a new note – create
      4. Viewing notes – read
      5. Editing an existing note – update
      6. Deleting notes – destroy
    4. Theming your Express application
    5. Scaling up – running multiple Notes instances
    6. Summary
  12. Implementing the Mobile-First Paradigm
    1. Problem – the Notes app isn't mobile friendly
    2. Mobile-first paradigm
    3. Using Twitter Bootstrap on the Notes application
      1. Setting it up
      2. Adding Bootstrap to application templates
      3. Alternative layout frameworks
    4. Flexbox and CSS Grids
    5. Mobile-first design for the Notes application
      1. Laying the Bootstrap grid foundation
      2. Responsive page structure for the Notes application
      3. Using icon libraries and improving visual appeal
      4. Responsive page header navigation bar
      5. Improving the Notes list on the front page
      6. Cleaning up the Note viewing experience
      7. Cleaning up the add/edit note form
      8. Cleaning up the delete-note window
    6. Building a customized Bootstrap
      1. Pre-built custom Bootstrap themes
    7. Summary
  13. Data Storage and Retrieval
    1. Data storage and asynchronous code
    2. Logging
      1. Request logging with Morgan
      2. Debugging messages
      3. Capturing stdout and stderr
      4. Uncaught exceptions
      5. Unhandled Promise rejections
    3. Using the ES6 module format
      1. Rewriting app.js as an ES6 module
      2. Rewriting bin/www as an ES6 module
      3. Rewriting models code as ES6 modules
      4. Rewriting router modules as ES6 modules
    4. Storing notes in the filesystem
      1. Dynamic import of ES6 modules
      2. Running the Notes application with filesystem storage
    5. Storing notes with the LevelUP data store
    6. Storing notes in SQL with SQLite3
      1. SQLite3 database schema
      2. SQLite3 model code
      3. Running Notes with SQLite3
    7. Storing notes the ORM way with Sequelize
      1. Sequelize model for the Notes application
      2. Configuring a Sequelize database connection
      3. Running the Notes application with Sequelize
    8. Storing notes in MongoDB
      1. MongoDB model for the Notes application
      2. Running the Notes application with MongoDB
    9. Summary
  14. Multiuser Authentication the Microservice Way
    1. Creating a user information microservice
      1. User information model
      2. A REST server for user information
      3. Scripts to test and administer the user authentication server
      4. Login support for the Notes application
        1. Accessing the user authentication REST API
        2. Login and logout routing functions
        3. Login/logout changes to app.js
        4. Login/logout changes in routes/index.mjs
        5. Login/logout changes required in routes/notes.mjs
        6. View template changes supporting login/logout
        7. Running the Notes application with user authentication
      5. Twitter login support for the Notes application
        1. Registering an application with Twitter
        2. Implementing TwitterStrategy
    2. Securely keeping secrets and passwords
    3. The Notes application stack
    4. Summary
  15. Dynamic Client/Server Interaction with Socket.IO
    1. Introducing Socket.IO
    2. Initializing Socket.IO with Express
    3. Real-time updates on the Notes homepage
      1. The Notes model as an EventEmitter class
      2. Real-time changes in the Notes home page
        1. Changing the homepage and layout templates
        2. Running Notes with real-time homepage updates
      3. Real-time action while viewing notes
        1. Changing the note view template for real-time action
        2. Running Notes with real-time updates while viewing a note
    4. Inter-user chat and commenting for Notes
      1. Data model for storing messages
      2. Adding messages to the Notes router
      3. Changing the note view template for messages
        1. Using a Modal window to compose messages
        2. Sending, displaying, and deleting messages
        3. Running Notes and passing messages
        4. Other applications of Modal windows
    5. Summary
  16. Deploying Node.js Applications
    1. Notes application architecture and deployment considerations
    2. Traditional Linux Node.js service deployment
      1. Prerequisite – provisioning the databases
      2. Installing Node.js on Ubuntu
      3. Setting up Notes and user authentication on the server
        1. Adjusting Twitter authentication to work on the server
      4. Setting up PM2 to manage Node.js processes
    3. Node.js microservice deployment with Docker
      1. Installing Docker on your laptop
        1. Starting Docker with Docker for Windows/macOS
        2. Kicking the tires of Docker
      2. Creating the AuthNet for the user authentication service
        1. MySQL container for Docker
        2. Initializing AuthNet
        3. Script execution on Windows
        4. Linking Docker containers
        5. The db-userauth container
        6. Dockerfile for the authentication service
        7. Configuring the authentication service for Docker
        8. Building and running the authentication service Docker container
        9. Exploring Authnet
      3. Creating FrontNet for the Notes application
        1. MySQL container for the Notes application
        2. Dockerizing the Notes application
        3. Controlling the location of MySQL data volumes
        4. Docker deployment of background services
      4. Deploying to the cloud with Docker compose
        1. Docker compose files
        2. Running the Notes application with Docker compose
      5. Deploying to cloud hosting with Docker compose
    4. Summary
  17. Unit Testing and Functional Testing
    1. Assert – the basis of testing methodologies
    2. Testing a Notes model
      1. Mocha and Chai­ – the chosen test tools
      2. Notes model test suite
        1. Configuring and running tests
        2. More tests for the Notes model
        3. Testing database models
    3. Using Docker to manage test infrastructure
      1. Docker Compose to orchestrate test infrastructure
      2. Executing tests under Docker Compose
        1. MongoDB setup under Docker and testing Notes against MongoDB
    4. Testing REST backend services
    5. Automating test results reporting
    6. Frontend headless browser testing with Puppeteer
      1. Setting up Puppeteer
      2. Improving testability in the Notes UI
      3. Puppeteer test script for Notes
        1. Running the login scenario
        2. The Add Note scenario
      4. Mitigating/preventing spurious test errors in Puppeteer scripts
        1. Configuring timeouts
        2. Tracing events on the Page and the Puppeteer instance
        3. Inserting pauses
        4. Avoiding WebSockets conflicts
        5. Taking screenshots
    7. Summary
  18. Security
    1. HTTPS/TLS/SSL using Let's Encrypt
      1. Associating a domain name with Docker-based cloud hosting
      2. A Docker container to manage Let's Encrypt SSL certificates
      3. Cross-container mounting of Let's Encrypt directories to the notes container
      4. Adding HTTPS support to Notes
    2. Put on your Helmet for across-the-board security
      1. Using Helmet to set the Content-Security-Policy header
      2. Using Helmet to set the X-DNS-Prefetch-Control header
      3. Using Helmet to set the X-Frame-Options header
      4. Using Helmet to remove the X-Powered-By header
      5. Improving HTTPS with Strict Transport Security
      6. Mitigating XSS attacks with Helmet
    3. Addressing Cross-Site Request Forgery (CSRF) attacks
    4. Denying SQL injection attacks
      1. Sequelize deprecation warning regarding operator injection attack
    5. Scanning for known vulnerabilities
    6. Using good cookie practices
    7. Summary
  19. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think