Node.js Web Development - Fifth Edition

Book description

Build scalable web applications using Node.js, Express.js, and the latest ECMAScript techniques, along with deploying applications with AWS and Docker with this updated fifth edition

Key Features

  • Learn backend web programming with the JavaScript stack
  • Explore best practices, right from configuring and building web servers to deploying them on a production cloud hosting system: AWS using Docker and Terraform
  • Work through the different stages of developing robust and scalable apps using Node.js 14

Book Description

Node.js is the leading choice of server-side web development platform, enabling developers to use the same tools and paradigms for both server-side and client-side software. This updated fifth edition of Node.js Web Development focuses on the new features of Node.js 14, Express 4.x, and ECMAScript, taking you through modern concepts, techniques, and best practices for using Node.js.

The book starts by helping you get to grips with the concepts of building server-side web apps with Node.js. You'll learn how to develop a complete Node.js web app, with a backend database tier to help you explore several databases. You'll deploy the app to real web servers, including a cloud hosting platform built on AWS EC2 using Terraform and Docker Swarm, while integrating other tools such as Redis and NGINX. As you advance, you'll learn about unit and functional testing, along with deploying test infrastructure using Docker. Finally, you'll discover how to harden Node.js app security, use Let's Encrypt to provision the HTTPS service, and implement several forms of app security with the help of expert practices. With each chapter, the book will help you put your knowledge into practice throughout the entire life cycle of developing a web app.

By the end of this Node.js book, you'll have gained practical Node.js web development knowledge and be able to build and deploy your own apps on a public web hosting solution.

What you will learn

  • Install and use Node.js 14 and Express 4.17 for both web development and deployment
  • Implement RESTful web services using the Restify framework
  • Develop, test, and deploy microservices using Docker, Docker Swarm, and Node.js, on AWS EC2 using Terraform
  • Get up to speed with using data storage engines such as MySQL, SQLite3, and MongoDB
  • Test your web applications using unit testing with Mocha, and headless browser testing with Puppeteer
  • Implement HTTPS using Let's Encrypt and enhance application security with Helmet

Who this book is for

If you're looking for an alternative to the 'P' languages (Perl, PHP, and Python), or if you want to get started with server-side web development with JavaScript programming, or if you want a deep dive into deploying services to cloud hosting, this Node.js book is for you. A rudimentary understanding of JavaScript and web application development is a must before you get started with this book.

Publisher resources

Download Example Code

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Node.js Web Development<br /> <em>Fifth Edition</em>
  3. Dedication
  4. About Packt
    1. Why subscribe?
  5. Contributors
    1. About the author
    2. About the reviewers
    3. Packt is searching for authors like you
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Conventions used
    6. Get in touch
    7. Reviews
  7. Section 1: Introduction to Node.js
  8. About Node.js
    1. Overview of Node.js
    2. The capabilities of Node.js
    3. What are folks doing with Node.js?
    4. Server-side JavaScript
    5. Why should you use Node.js?
    6. Popularity
    7. JavaScript everywhere
    8. Leveraging Google's investment in V8
    9. Leaner, asynchronous,&#160;event-driven model
    10. Microservice architecture
    11. Node.js is stronger after a major schism and hostile fork
    12. The Node.js event-driven architecture
    13. The Node.js answer to complexity
    14. Asynchronous requests in Node.js
    15. Performance and utilization
    16. Is Node.js a cancerous scalability disaster?
    17. Server utilization, overhead costs, and environmental impact
    18. Embracing advances in the JavaScript language
    19. Deploying ES2015/2016/2017/2018 JavaScript code
    20. TypeScript and Node.js
    21. Developing microservices or maxiservices with Node.js
    22. Summary
  9. Setting Up Node.js
    1. System requirements
    2. Installing Node.js using package managers
    3. Installing Node.js on macOS with MacPorts
    4. Installing Node.js on macOS with Homebrew
    5. Installing Node.js on Linux, *BSD, or Windows from package management systems
    6. Installing Node.js in WSL
    7. Opening an administrator-privileged PowerShell on Windows
    8. Installing the Node.js distribution from
    9. Installing from the source on POSIX-like systems
    10. Installing prerequisites
    11. Installing developer tools on macOS
    12. Installing from the source for all POSIX-like systems
    13. Installing from the source on Windows
    14. Installing multiple Node.js instances with nvm
    15. Installing nvm on Windows
    16. Requirements for installing native code modules
    17. Choosing Node.js versions to use and the version policy
    18. Choosing editors and debuggers for Node.js
    19. Running and testing commands
    20. Using Node.js's command-line tools
    21. Running a simple script with Node.js
    22. Writing inline async arrow functions
    23. Converting&#160;to async functions and the Promise paradigm
    24. Launching a server with Node.js
    25. Using npm, the Node.js package manager
    26. Using npx to execute Node.js packaged binaries
    27. Advancing Node.js with ECMAScript 2015, 2016, 2017, and beyond&#160;
    28. Using Babel to use experimental JavaScript features
    29. Summary
  10. Exploring Node.js Modules
    1. Defining a Node.js module
    2. Examining the traditional Node.js module format
    3. Examining the ES6/ES2015 module format
    4. Injected objects in ES6 modules
    5. Computing the missing<span>&#160;</span>__dirname<span>&#160;</span>variable in ES6 modules
    6. Using CommonJS and ES6 modules together
    7. Using ES6 modules from CommonJS using import()
    8. Hiding implementation details with encapsulation in CommonJS and ES6 modules
    9. <span>Using JSON modules</span>
    10. Supporting ES6 modules on older Node.js versions
    11. Finding and loading modules using require and import
    12. Understanding File modules
    13. The ES6 import statement takes a URL
    14. Understanding the Node.js core modules
    15. Using a directory as a module
    16. Comparing installed packages and modules
    17. Finding the installed package in the file system&#160;
    18. Handling multiple versions of the same installed package
    19. Searching for globally installed packages
    20. Reviewing module identifiers and pathnames
    21. Using deep import module specifiers
    22. Overriding a deep import module identifier
    23. Studying an example project directory structure
    24. Loading modules using require, import, and import()
    25. Using npm – the Node.js package management system
    26. The npm package format
    27. Accessing npm helpful documentation
    28. Initializing a Node.js package or project with npm init
    29. Finding npm packages
    30. The package.json fields that help finding packages
    31. Installing an npm package
    32. Installing a package by version number
    33. Installing packages from outside the npm repository
    34. Global package installs
    35. Avoiding global module installation
    36. <span>Maintaining package dependencies with npm</span>
    37. Automatically updating package.json dependencies
    38. Fixing bugs by updating package dependencies
    39. Explicitly specifying package dependency version numbers
    40. Packages that install commands
    41. Configuring the PATH variable to handle locally installed commands
    42. Configuring the PATH variable on Windows
    43. Avoiding modifications to the PATH variable
    44. <span>Updating packages you've installed when they're outdated</span>
    45. Automating tasks with scripts in package.json
    46. Declaring Node.js version compatibility
    47. Publishing an npm package
    48. The Yarn package management system
    49. Summary
  11. HTTP Servers and Clients
    1. Sending and receiving events with EventEmitter
    2. JavaScript classes and class <span><span>i</span></span>nheritance
    3. The EventEmitter class
    4. The EventEmitter theory
    5. Understanding HTTP server applications
    6. ES2015 multiline and template strings
    7. HTTP Sniffer – listening to the HTTP conversation
    8. Web application frameworks
    9. Getting started with Express
    10. <span>Setting environment variables in the Windows cmd.exe command line</span>
    11. Walking through the default Express application
    12. Understanding Express middleware
    13. Contrasting middleware and request handlers
    14. Error handling
    15. Creating an Express application to compute Fibonacci numbers
    16. Computationally intensive code and the&#160;Node.js event loop
    17. Algorithmic refactoring
    18. Making HTTPClient requests
    19. Calling a REST backend service from an Express application
    20. Implementing a simple REST server&#160;with Express
    21. Refactoring the Fibonacci application to call the REST service
    22. Some RESTful modules and frameworks
    23. Summary
  12. Section 2: Developing the Express Application
  13. Your First Express Application
    1. Exploring Promises and async functions in Express router functions
    2. Promises and error handling in Express router functions
    3. Integrating async functions with Express router functions
    4. Architecting an Express application in the MVC paradigm
    5. Creating the Notes application
    6. Rewriting the generated router module as an ES6 module
    7. Creating the Notes application wiring –&#160;app.mjs
    8. Implementing the Notes data storage model
    9. Data hiding in ES-2015 class definitions
    10. Implementing an in-memory Notes datastore
    11. The Notes home page
    12. Adding a new note – create
    13. Viewing notes – read
    14. Editing an existing note – update
    15. Deleting notes – destroy
    16. Theming your Express application
    17. Scaling up – running multiple Notes instances
    18. Summary
  14. Implementing the Mobile-First Paradigm
    1. Understanding the problem – the Notes app isn't mobile-friendly
    2. Learning the mobile-first paradigm theory
    3. Using Twitter Bootstrap on the Notes application
    4. Setting up Bootstrap
    5. Adding Bootstrap to the Notes application
    6. Alternative layout frameworks
    7. Flexbox and CSS Grids
    8. Mobile-first design for the Notes application
    9. Laying the Bootstrap grid foundation
    10. Responsive page structure for the Notes application
    11. Using icon libraries and improving visual appeal
    12. Responsive page header navigation bar
    13. Improving the Notes list on the front page
    14. Cleaning up the note viewing experience
    15. Cleaning up the add/edit note form
    16. Cleaning up the delete-note window
    17. Customizing a Bootstrap build
    18. Using third-party custom Bootstrap themes
    19. Summary
  15. Data Storage and Retrieval
    1. Remembering that data storage requires asynchronous code
    2. Logging and capturing uncaught errors
    3. Request logging with morgan
    4. Debugging messages
    5. Capturing stdout and stderr
    6. Capturing uncaught exceptions and unhandled rejected Promises
    7. Storing notes in a filesystem
    8. Dynamically importing ES6 modules
    9. Running the Notes application with filesystem storage
    10. Storing notes with the LevelDB datastore
    11. Closing database connections when closing the process
    12. Storing notes in SQL with SQLite3
    13. The SQLite3 database schema
    14. The SQLite3 model code
    15. Running Notes with SQLite3
    16. Storing notes the ORM way with Sequelize
    17. Configuring Sequelize and connecting to a database
    18. Creating a Sequelize model for the Notes application
    19. Running the Notes application with Sequelize
    20. Storing notes in MongoDB
    21. A MongoDB model for the Notes application
    22. Running the Notes application with MongoDB
    23. Summary
  16. Authenticating Users with a Microservice
    1. Creating a user information microservice
    2. Developing the user information model
    3. Creating a REST server for user information
    4. Creating a command-line tool to test and administer the user authentication server
    5. Creating a user in the user information database
    6. Reading user data from the user information service
    7. Updating user information in the user information service
    8. Deleting a user record from the user information service
    9. Checking the user's password in the user information service
    10. Providing login support for the Notes application
    11. Accessing the user authentication REST API
    12. Incorporating login and logout routing functions in the Notes application
    13. Login/logout changes to app.mjs
    14. Login/logout changes in routes/index.mjs
    15. Login/logout changes required in routes/notes.mjs
    16. Viewing template changes supporting login/logout
    17. Running the Notes application with user authentication
    18. Providing Twitter login support for the Notes application
    19. Registering an application with Twitter
    20. Storing authentication tokens
    21. Implementing TwitterStrategy
    22. Keeping secrets and passwords secure
    23. Adding password encryption to the user information service
    24. Implementing encrypted password support in the Notes application
    25. Running the Notes application stack
    26. Summary
  17. Dynamic Client/Server Interaction with Socket.IO
    1. Introducing Socket.IO
    2. Initializing Socket.IO with Express
    3. Real-time updates on the Notes homepage
    4. Refactoring the NotesStore classes to emit events
    5. Real-time changes in the Notes home page
    6. Changing the home page and layout templates
    7. Adding a Socket.IO client to the Notes home page
    8. Running Notes with real-time home page updates
    9. A word on enabling debug tracing in Socket.IO code
    10. Real-time action while viewing notes
    11. Changing the note view template for real-time action
    12. Running Notes with pseudo-real-time updates while viewing a note
    13. Inter-user chat and commenting for Notes
    14. Data model for storing messages
    15. Adding support for messages to the Notes router
    16. Changing the note view template for messages
    17. Composing messages on the Note view page
    18. Showing any existing messages on the Note view page
    19. Deleting messages on the Notes view page
    20. Running Notes and passing messages
    21. Summary
  18. Section 3: Deployment
  19. Deploying Node.js Applications to Linux Servers
    1. Notes application architecture and deployment considerations
    2. Traditional Linux&#160;deployment for Node.js services
    3. Installing Multipass
    4. Handling a failure to launch Multipass instances on Windows
    5. Provisioning a server for the user authentication service
    6. Testing the deployed user authentication service
    7. Script execution in PowerShell on Windows
    8. Provisioning a server for the Notes service
    9. Adjusting Twitter authentication to work on the server
    10. Setting up PM2 to manage Node.js processes
    11. Familiarizing ourselves with PM2
    12. Scripting the PM2 setup on Multipass
    13. Integrating the PM2 setup as persistent background processes
    14. Summary
  20. Deploying Node.js Microservices with Docker
    1. Setting up Docker on your laptop or computer
    2. Installing and starting Docker with Docker for Windows or macOS
    3. Familiarizing ourselves with Docker
    4. Setting up the user authentication service in Docker
    5. Launching a MySQL container in Docker
    6. The ephemeral nature of Docker containers
    7. Defining the Docker architecture for the authentication service
    8. Creating the MySQL container for the authentication service
    9. Security in the database container
    10. Dockerizing the authentication service
    11. Creating the authentication service Dockerfile&#160;
    12. Building and running the authentication service Docker container
    13. Exploring<span>&#160;</span>AuthNet
    14. Creating FrontNet for the Notes application
    15. MySQL container for the<span>&#160;</span>Notes application
    16. Dockerizing the Notes application
    17. Managing multiple containers with Docker Compose
    18. Docker Compose file for the Notes stack
    19. Building and running the Notes application with Docker Compose
    20. Using Redis for scaling the Notes application stack
    21. Testing session management with multiple Notes service instances
    22. Storing Express/Passport<span>&#160;</span>session data in a Redis server
    23. Distributing Socket.IO messages using Redis
    24. Summary
  21. Deploying a Docker Swarm to AWS EC2 with Terraform
    1. Signing up with AWS and configuring the AWS CLI
    2. Finding your way around the AWS account
    3. Setting up the AWS CLI using<span>&#160;</span>AWS authentication credentials
    4. Creating an IAM user account, groups, and roles
    5. Creating an EC2 key pair
    6. An overview of the AWS infrastructure to be deployed
    7. Using Terraform to create an AWS infrastructure
    8. Configuring an AWS VPC with Terraform
    9. Configuring the AWS gateway and subnet resources
    10. Deploying the infrastructure to AWS using Terraform
    11. Setting up a Docker Swarm cluster on AWS EC2
    12. Deploying a single-node Docker Swarm on a single EC2 instance
    13. Adding an EC2 instance and configuring Docker
    14. Launching the EC2 instance on AWS
    15. Handling the AWS EC2 key-pair file
    16. Testing the initial Docker Swarm
    17. Setting up remote control access to a Docker Swarm hosted on EC2
    18. Setting up ECR repositories for Notes Docker images
    19. Using environment variables for AWS CLI commands
    20. Defining a process to build Docker images and push them to the AWS ECR
    21. Creating a Docker stack file for deployment to Docker Swarm
    22. Creating a Docker stack file from the Notes Docker compose file
    23. Placing containers across the swarm
    24. Configuring secrets in Docker Swarm
    25. Persisting data in a Docker swarm
    26. Provisioning EC2 instances for a full Docker swarm
    27. Configuring EC2 instances and connecting to the swarm
    28. Implementing semi-automatic initialization of the Docker Swarm
    29. Preparing the Docker Swarm before deploying the Notes stack
    30. Deploying the Notes stack file to the swarm
    31. Preparing to deploy the Notes stack to the swarm
    32. Deploying the Notes stack to the swarm
    33. Verifying the correct launch of the Notes application stack
    34. Diagnosing a failure to launch the database services
    35. Testing the deployed Notes application
    36. Logging in with a regular account on Notes
    37. Diagnosing an inability to log in with Twitter credentials
    38. Scaling the Notes instances
    39. Summary
  22. Unit Testing and Functional Testing
    1. Assert <span>–</span> the basis of testing methodologies
    2. Testing a Notes model
    3. Mocha and Chai­ <span>–</span> the chosen test tools
    4. Notes model test suite
    5. Creating the initial Notes model test case
    6. Running the first test case
    7. Adding some tests
    8. More tests for the Notes model
    9. Diagnosing test failures
    10. Testing against databases that require server setup <span>–</span> MySQL and MongoDB
    11. Using Docker Swarm to manage test infrastructure
    12. Using Docker Swarm to deploy test infrastructure
    13. Executing tests under Docker Swarm
    14. MongoDB setup under Docker and testing Notes against MongoDB
    15. Testing REST backend services
    16. Automating test results reporting
    17. <span>Frontend headless browser testing&#160;with Puppeteer</span>
    18. Setting up a Puppeteer-based testing project directory
    19. Creating an initial Puppeteer test for the Notes application stack
    20. Executing the initial Puppeteer test
    21. Testing login/logout functionality in Notes
    22. Testing the ability to add Notes
    23. Implementing negative tests with Puppeteer
    24. Testing login with a bad user ID
    25. Testing a response to a bad URL&#160;
    26. Improving testability in the Notes UI
    27. Summary
  23. Security in Node.js Applications
    1. Implementing HTTPS in Docker for deployed Node.js applications
    2. Assigning a domain name for an application deployed on AWS EC2
    3. Updating the Twitter application
    4. Planning how to use Let's Encrypt
    5. Using NGINX and Let's Encrypt in Docker to implement HTTPS for Notes
    6. Adding the Cronginx container to support HTTPS on Notes
    7. Creating an NGINX configuration to support registering domains with Let's Encrypt
    8. Adding the required directories on the EC2 host
    9. Deploying the EC2 cluster and Docker swarm
    10. Registering a domain with Let's Encrypt
    11. Implementing an NGINX HTTPS configuration using Let's Encrypt certificates
    12. Testing HTTPS support for the Notes application
    13. Using Helmet for across-the-board security in Express applications
    14. Using Helmet to set the Content-Security-Policy header
    15. Making the ContentSecurityPolicy configurable
    16. Using Helmet to set the X-DNS-Prefetch-Control header
    17. Using Helmet to control enabled browser features using the Feature-Policy header
    18. Using Helmet to set the X-Frame-Options header
    19. Using Helmet to remove the X-Powered-By header
    20. Improving HTTPS with Strict Transport Security
    21. Mitigating XSS attacks with Helmet
    22. Addressing Cross-Site Request Forgery (CSRF) attacks
    23. Denying SQL injection attacks
    24. Scanning for known vulnerabilities in Node.js packages
    25. Using good cookie practices
    26. Hardening the AWS EC2 deployment
    27. AWS EC2 security best practices
    28. Summary
  24. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Node.js Web Development - Fifth Edition
  • Author(s): David Herron
  • Release date: July 2020
  • Publisher(s): Packt Publishing
  • ISBN: 9781838987572