The Rise of BaaS A Utopia for Client-Side Developers

This is a comment.
The Rise of BaaS
A Utopia for Client-Side Developers
Saturday, March 15, 14 1

State of the Union
How client-side applications are built today

CLIENT SIDE APP APIs
Web
Server
DATA
MANAGEMENT
USER
MANAGEMENT
BUSINESS
LOGIC
Hosting Tooling
* your backend serves up data that your client-side
code uses to render the different views
* when your view needs to change the client-side
code makes a request to the backend to
re-render the view via xhr or websocket
* talk to the backend to perform any action or to
talk to third-party api's
BUSINESS LOGIC
• your backend serves up data that your client-side code uses to render the different views
• when your view needs to change the client-side code makes a request to the backend to re-render the view via xhr or websocket
• talk to the backend to perform any action or to talk to third-party api's

How often do you change your
backend to support the needs
of your client side app?

How often must you
upgrade your back-end to
extend your application?
Constantly.
* data and access controls (all the security) lives
inside the backend so in order to extend your
application you have to build out new routes
• data and access controls (all the security) lives inside the backend so in order to extend your application you have to build out new routes

The chase
begins
The communication nightmare kicks-off, the standard formation in most companies is that the client-side guys handle the users world and the back-end guys write the backend.
Now, to make a change that the back-end doesn't support means that you have to coordinate with them to build out the feature.
So instead of focusing on building an amazing application for your customers, you end up spending time working with the back-end team and their schedule.

So what do we settle for?
APIs
DATA MANAGEMENT
Storage
The communication nightmare kicks-off

Every application has unique requirements
DATA MANAGEMENT
USER
MANAGEMENT
HOSTING
SECURITY
Blog:
• Comments, users and posts
• Each post has a user and many comments
• You want to order the posts by date and select a range of them, perhaps you also want to filter by category
• Similar, for comments, you want to order by date and select a range of them
• For users, you need some sort of authentication and user management system
• For creating posts, you want some type of user admin role

Let’s face reality, we’ve been
reinventing the wheel
And it’s a fracking head-ache.

This approach has consequences
Repeating the same pattern over and over (creating an API to wrap the data structure) and creates additional risks

• Tightly coupled to the
server

server
• Inflexible

server
• Inflexible
• Expensive

server
• Inflexible
• Expensive
• Incomplete

server
• Inflexible
• Expensive
• Incomplete
• Limited extensibility

server
• Inflexible
• Expensive
• Incomplete
• Limited extensibility
• The list as you know,
does not end here

Imagine for a moment, the
ultimate back-end.
One that could fuel
any & every feature.

Ian Livingstone
VP Engineering, GoInstant
@ianlivingstone

We’re obsessive about
this problem.
Started as co-browse, started transitioning BaaS because we found we needed every component, and none existed.

The question that keeps us
up at night?

The question that keeps us
up at night?
What would this ultimate
backend look like?

The Vision: BaaS

The Vision: BaaS
One really really awesome
round wheel, we all share.

Web
Server
DATA
MANAGEMENT
USER
MANAGEMENT
BaaS
Hosting Tooling
BUSINESS LOGIC

Web
Server
Hosting Tooling
DATA
MANAGEMENT
USER
MANAGEMENT
BaaS
BUSINESS LOGIC

Ok that looks awesome
Let’s make it a reality!

Connectivity
web sockets and xhr-polling we have the
technology to create "full-duplex" connections
even in older browsers
this gives us a mechanism for pushing data
between server and client
• web sockets and xhr-polling we have the technology to create "full-duplex" connections even in older browsers
• this gives us a mechanism for pushing data between server and client

Data Management
* already exists just needs an API
built for it on the client
* support querying
* transactions
* all json types
• already exists just needs an API built for it on the client
• support querying
• transactions
• all json type

User Management
* built on-top of the data model
* standardized by convention
* id
* groups (or roles) built in
* extensible to store extra data
required
• built on-top of the data model
• standardized by convention
• id
• groups (or roles) built in
• extensible to store extra data required
•

Security & Access Control
* having data on client means there are a lot of security concerns
* access control layer around who can read and write data based on
their id and groups
* input validation to guarantee data integrity
* output sanitization to prevent different forms of injection attacks
* enforced on server via schema of some form
• having data on client means there are a lot of security concerns
• access control layer around who can read and write data based on their id and groups
• input validation to guarantee data integrity
• output sanitization to prevent different forms of injection attacks
• enforced on server via schema of some form

Tooling
* API is a black box you won’t control
* tooling is *really* important
* even with less surface area, there will
still be bugs
* so what type of tooling do we need?

Data Tooling
• Ability to view the data
• Ability to export and import backups
• Ability to run arbitrary queries on the data
• Audit logs for monitoring how data changes
• Schema visualizer
◦ Exploring how access controls are enforced
◦ Testing input validation and output sanitization
• Available via Web UI and CLI
• Ability to view the data
• Ability to export and import backups
• Ability to run arbitrary queries on the data
• Audit logs for monitoring how data changes
• Schema visualizer
• Exploring how access controls are enforced
• Testing input validation and output sanitization
• Available via Web UI and CLI

Organizational Tooling
• Support for multiple collaborators
• Support for multiple environments
• Varying access controls based on environment
• Ability to perform data migrations
• Support for multiple collaborators
• Support for multiple environments
• Varying access controls based on environment
• Ability to perform data migrations

Hosting
* to truly remove the operational burden, we also need to provide static application
hosting
* but it can't just host static html, css, js -- it needs to be living and breathing as
well
* schema provides access control to routes and redirect controls
• to truly remove the operational burden, we also need to provide static application hosting
• but it can't just host static html, css, js -- it needs to be living and breathing as well
• schema provides access control to routes and redirect controls

All together now

CONNECTIVITY
All together now

CONNECTIVITY
DATA
MANAGEMENT
All together now

CONNECTIVITY
DATA
MANAGEMENT
All together now
USER
MANAGEMENT

CONNECTIVITY
DATA
MANAGEMENT
All together now
USER
MANAGEMENT
SECURITY

CONNECTIVITY
DATA
MANAGEMENT
USER
MANAGEMENT
SECURITY
TOOLING
All together now

CONNECTIVITY
DATA
MANAGEMENT
USER
MANAGEMENT
SECURITY
TOOLING
HOSTING
All together now

We’ve found some obvious advantages

✓crowd source quality

✓specialization

✓specialization
✓scale

✓specialization
✓scale
✓reliability

✓specialization
✓scale
✓reliability
✓extensibility

✓specialization
✓scale
✓reliability
✓extensibility
✓lower cost

“The whole is
greater than the
sum of its parts.”
– Aristotle

Data Synchronization
* evolved from BaaS movement
* user a modifies data, automatically updates the view of user b
* possible because of the full-duplex connection and event subscriptions
* subscribe to “change” events in data model
* server pushes new data and client-side api trigger event listener
* by leveraging this pattern you now have “real-time” out of the box, you
don’t have to manage this! It’s given to you!
* show code example of what this looks like!

Offline Support
* now we have this mechanism for forcing our view to re-render
* with this we can update the view of the application when the
user reconnects (from sleep mode, or connects to wifi, etc.)
* all the data transferred to the client from the server is cached
so we can have read-only offline mode support out of the box
*

Shared Integrations

In this utopia, how long would it
take to build the application of your
users dreams.
Better question,
how much time could you save?

Baas Today
This utopia will be built,
one brick at a time
Talk through current solutions available

The Players

In Conclusion
• Client-side developers
waste time and money on
infrastructure
• BaaS will fundamentally
change how client-side
applications are
developed
• The work is already
under-way
• It’s an extension of the
platform movement

Join the BaaS
movement
An intersection of developer
productivity and the platformization
revolution

Q&A

The Rise of BaaS A Utopia for Client-Side Developers

More Related Content

Viewers also liked

Similar to The Rise of BaaS A Utopia for Client-Side Developers

More from Marc Manthey

Recently uploaded

The Rise of BaaS A Utopia for Client-Side Developers