Node.js Web Development

By : David Herron

3.7 (10)

Buy this Book

Node.js Web Development

3.7 (10)

By: David Herron

Buy this Book

Overview of this book

Node.js is the leading choice of server-side web development platform, enabling developers to use the same tools and paradigms for both server-side and client-side software. This updated fifth edition of Node.js Web Development focuses on the new features of Node.js 14, Express 4.x, and ECMAScript, taking you through modern concepts, techniques, and best practices for using Node.js. The book starts by helping you get to grips with the concepts of building server-side web apps with Node.js. You’ll learn how to develop a complete Node.js web app, with a backend database tier to help you explore several databases. You'll deploy the app to real web servers, including a cloud hosting platform built on AWS EC2 using Terraform and Docker Swarm, while integrating other tools such as Redis and NGINX. As you advance, you'll learn about unit and functional testing, along with deploying test infrastructure using Docker. Finally, you'll discover how to harden Node.js app security, use Let's Encrypt to provision the HTTPS service, and implement several forms of app security with the help of expert practices. With each chapter, the book will help you put your knowledge into practice throughout the entire life cycle of developing a web app. By the end of this Node.js book, you’ll have gained practical Node.js web development knowledge and be able to build and deploy your own apps on a public web hosting solution.

Preface

Who this book is for

What this book covers

To get the most out of this book

Get in touch

Section 1: Introduction to Node.js

Free Chapter

About Node.js

Overview of Node.js

The capabilities of Node.js

Why should you use Node.js?

The Node.js event-driven architecture

Embracing advances in the JavaScript language

Developing microservices or maxiservices with Node.js

Summary

Setting Up Node.js

System requirements

Installing Node.js using package managers

Installing from the source on POSIX-like systems

Installing multiple Node.js instances with nvm

Requirements for installing native code modules

Choosing Node.js versions to use and the version policy

Choosing editors and debuggers for Node.js

Running and testing commands

Advancing Node.js with ECMAScript 2015, 2016, 2017, and beyond

Summary

Exploring Node.js Modules

Defining a Node.js module

Finding and loading modules using require and import

Using npm – the Node.js package management system

The Yarn package management system

Summary

HTTP Servers and Clients

Sending and receiving events with EventEmitter

Understanding HTTP server applications

HTTP Sniffer – listening to the HTTP conversation

Web application frameworks

Getting started with Express

Creating an Express application to compute Fibonacci numbers

Making HTTPClient requests

Calling a REST backend service from an Express application

Summary

Section 2: Developing the Express Application

Your First Express Application

Exploring Promises and async functions in Express router functions

Architecting an Express application in the MVC paradigm

Creating the Notes application

Theming your Express application

Scaling up – running multiple Notes instances

Summary

Implementing the Mobile-First Paradigm

Understanding the problem – the Notes app isn't mobile-friendly

Learning the mobile-first paradigm theory

Using Twitter Bootstrap on the Notes application

Flexbox and CSS Grids

Mobile-first design for the Notes application

Customizing a Bootstrap build

Summary

Data Storage and Retrieval

Remembering that data storage requires asynchronous code

Logging and capturing uncaught errors

Storing notes in a filesystem

Storing notes with the LevelDB datastore

Storing notes in SQL with SQLite3

Storing notes the ORM way with Sequelize

Storing notes in MongoDB

Summary

Authenticating Users with a Microservice

Creating a user information microservice

Providing login support for the Notes application

Providing Twitter login support for the Notes application

Keeping secrets and passwords secure

Running the Notes application stack

Summary

Dynamic Client/Server Interaction with Socket.IO

Introducing Socket.IO

Initializing Socket.IO with Express

Real-time updates on the Notes homepage

Inter-user chat and commenting for Notes

Summary

Section 3: Deployment

Deploying Node.js Applications to Linux Servers

Notes application architecture and deployment considerations

Traditional Linux deployment for Node.js services

Adjusting Twitter authentication to work on the server

Setting up PM2 to manage Node.js processes

Summary

Deploying Node.js Microservices with Docker

Setting up Docker on your laptop or computer

Setting up the user authentication service in Docker

Creating FrontNet for the Notes application

Managing multiple containers with Docker Compose

Using Redis for scaling the Notes application stack

Summary

Deploying a Docker Swarm to AWS EC2 with Terraform

Signing up with AWS and configuring the AWS CLI

An overview of the AWS infrastructure to be deployed

Using Terraform to create an AWS infrastructure

Setting up a Docker Swarm cluster on AWS EC2

Setting up ECR repositories for Notes Docker images

Creating a Docker stack file for deployment to Docker Swarm

Provisioning EC2 instances for a full Docker swarm

Deploying the Notes stack file to the swarm

Summary

Unit Testing and Functional Testing

Assert <span>–</span> the basis of testing methodologies

Testing a Notes model

Using Docker Swarm to manage test infrastructure

Testing REST backend services

Automating test results reporting

<span>Frontend headless browser testing with Puppeteer</span>

Summary

Security in Node.js Applications

Implementing HTTPS in Docker for deployed Node.js applications

Using Helmet for across-the-board security in Express applications

Addressing Cross-Site Request Forgery (CSRF) attacks

Denying SQL injection attacks

Scanning for known vulnerabilities in Node.js packages

Using good cookie practices

Hardening the AWS EC2 deployment

AWS EC2 security best practices

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

3.7 (10)

5 star

60%

4 star

3 star

10%

2 star

10%

1 star

20%

Implementing HTTPS in Docker for deployed Node.js applications

The current best practice is that every website must be accessed with HTTPS. Gone are the days when it was okay to transmit unencrypted information over the internet. That old model is susceptible to problems such as man-in-the-middle attacks, and other threats.

Using SSL and HTTPS means that connections over the internet are authenticated and encrypted. The encryption is good enough to keep out all but the most advanced of snoops, and the authentication means we are assured the website is what it says it is. HTTPS uses the HTTP protocol but is encrypted using SSL, or Secure Sockets Layers. Implementing HTTPS requires getting an SSL certificate and implementing HTTPS support in the web server or web application.

Given a suitable SSL certificate, Node.js applications can easily implement HTTPS because a small amount of code gives us an HTTPS server. But there's another route that offers an additional benefit. NGINX is...