Klassische serverseitige Frameworks wie JSF oder Spring MVC haben ausgedient. Heute schreibt man Frontends in Angular, React oder Vue.js, ist doch klar… Aber warum eigentlich? Was bedeuten rein clientseitige Ansätze für die Architektur einer Webanwendung? Und wann sollte man lieber auf die klassischen Frameworks zurückzugreifen? Diese und weitere Fragestellung werden in der Session behandelt.
11. SSR
Time to interactive
Server == DOM
Web Page
• Request amount
• Request weight
Time to interactive
Server == Data
App
• Less requests
• Cheaper requests
CSR
14. Facts
There will be a LOT of (Java | Type)Script Code
State management is complex
15. Facts
There will be a LOT of (Java | Type)Script Code
State management is complex
Your framework choice is wrong
16. A lot of code
DDD & Clean architecture
High cohesion, Low coupling
tweet/
tweet.view.js
tweet.js
tweet.repository.js
tweetCreate.service.js
likes/
tweetLike.service.js
tweetLike.view.js
user/
user.view.js
user.js
user.repository.js
17. State management
Most complex part of SPAs
Think about
Lifetime
Dependencies
Sources App
B CA
Global state
Local state
URL state
Derived state
UI state
Domain state
18. Sustainable apps
Libraries / Pattern will change
→ Library management
Components will stay
→ Web Components
https://twitter.com/ThePracticalDev/status/715623065078644738
23. Backend For Frontend (BFF)
„Every frontend has it‘s own backend“
Use-case specific APIs
Frontend is owner
Device specific APIs BFF-Web BFF-IOSBFF-Android
Microservice A Microservice N
Server
Monolith
24. BFF – Simple Version
Monotlih
Public API SPA API
25. BFF – Advanced Version
BFF-Web
Service A Service B
Universal JS
SSR your SPA
26. Query your API
Use-case specific queries
GraphQL
REST queries
GET /tweets/?fields=author:(name),tweet,likes
{
tweets(page:0,size:10) {
tweet, likes, author { name }
}
}
28. Data that‘s needed before rendering
GET /index.html
html, css + JavaScript
Generate HTML i18n ?
User settings ?
…
29. Data that‘s needed before rendering
SSR data into HTML
Use local storage / indexedDB / HTTP-Cache / Service Workers
<body>
<script>
const i18n = JSON.parse('{"lang":"DE_DE","main.welcome":"Willkommen"}');
const settings = JSON.parse('{"decimal_format":"##.#"}');
...
</script>
</body>
35. Authorization
CSR based on roles
Menu A Menu B AdminMenu A Menu B
{
roles: ["user", "admin"]
}
{
roles: ["user"]
}
36. Authorization
The client is never safe
Never put sensitive data in JavaScript
Implications
Server based authorization
SPA uses code splitting
Menu A Menu B
{
roles: ["user", "admin"]
}
Admin
401
Hack!