Framework and Enterprise Tools
Business Logic, Persistence and Auth
Agenda
● Sinatra / Connect style frameworks (middleware and composable).
● Working with Express.
● Working with Restify.
● Persistence Layer (ORM, OGM,...).
● Auth: Working with Passport.
● RT: Sockets with Socket.io.
● Architecture Patterns: Multi-tier.
Agenda
● Debugging & REPL.
● Performance with Clustering.
● Security Concerns.
● Error Management.
● Design Patterns.
● Best Practices.
● Dojo Kake: Adding testing to your app.
Connect-style Frameworks
Based on Sinatra, Connect was one of the first frameworks in node.js.
● Oriented to serving TCP / HTTP requests.
● Provides a routing object.
● Adds the middleware concept: stages of the request.
REQUEST (e.g. GET /)
ROUTING level:
app.get('/', function (req, res, next) {
  // req: object with the full HTTP request
  // res: object with the methods to send the response
  // next: function that calls the next middleware
  …
})
middleware (stage 1):
app.get('/', function (req, res, next) { ... })
You can use more than one step to organize your REST logic!
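The staged request flow above, as an added example that is not code from the original slides: a dependency-free Connect-style chain where stage 1 authenticates and stage 2 runs the business logic. The names `pipeline`, `requireToken`, `getData`, `onError`, `call` and the token value are hypothetical, and the token is read from the `Authorization` header rather than the query string so it stays out of access logs.

```javascript
// Minimal Connect-style dispatcher (hypothetical helper, not Connect's code).
// Each stage receives (req, res, next); next(err) jumps to the error handler.
function pipeline(stages, onError) {
  return function handle(req, res) {
    let i = 0;
    function next(err) {
      if (err) return onError(err, req, res);
      const stage = stages[i++];
      if (!stage) return;
      try {
        stage(req, res, next);
      } catch (thrown) {
        onError(thrown, req, res);
      }
    }
    next();
  };
}

// Stage 1: authentication. Fails closed: without a valid token next() is never called.
const issuedTokens = new Set(['constructed-demo-token']); // constructed sample value
function requireToken(req, res, next) {
  const match = /^Bearer (\S+)$/.exec(req.headers.authorization || '');
  if (!match || !issuedTokens.has(match[1])) {
    res.statusCode = 401;
    return res.end('unauthorized');
  }
  next();
}

// Stage 2: business logic, reached only by authenticated requests.
function getData(req, res) {
  if (req.url === '/boom') throw new Error('constructed failure with internal detail');
  res.statusCode = 200;
  res.end('data');
}

// Error handler: generic message to the client, details stay server-side.
function onError(err, req, res) {
  res.statusCode = 500;
  res.end('internal error');
}
const app = pipeline([requireToken, getData], onError);
// Fake req/res pair so the chain can be exercised without opening a socket.
function call(url, authorization) {
  const res = { statusCode: 0, body: '', end(b) { this.body = b; } };
  app({ url, headers: { authorization } }, res);
  return res;
}
```

Because the authentication stage is first in the array, a request without a valid token never reaches `getData`, and an exception thrown in any stage ends in the generic 500 response.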
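express
var express = require('express');
var app = express();
// Route handler: answers GET / with a plain greeting.
app.get('/', function (req, res) {
  res.send('Hello World!');
});
restify
var restify = require('restify');
var server = restify.createServer();
// Route with a named parameter; next() hands control to the next handler.
server.get('/hello/:name', function (req, res, next) {
  res.send('hello ' + req.params.name);
  next();
});
node.js (vanilla/native)
const http = require('http');
// No router: every request gets the same response.
const server = http.createServer((req, res) => {
  res.statusCode = 200;
  res.setHeader('Content-Type', 'text/plain');
  res.end('Hello World\n');
});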
Different routing with three frameworks
They are really similar!
These three examples are the hello-world-api
with INSERT_HERE_FRAMEWORK.js
Working with Express
Express is one of the most used frameworks in node.js. Its company has been
acquired by IBM recently and it has developed products on top of it.
● De facto Standard.
● Connect-Style with Middleware.
● Great community, lots of documents and plugins.
● Oriented to web (as assets server, web server or api server).
● Router object with full REST support.
Working with Restify
Restify is a more lightweight option intended to develop API Gateways.
● Connect-Style with Middleware.
● Great community, lots of documents and plugins.
● More oriented to develop REST services.
● Manual Routing.
● Manual HTTP method PATCH required.
Persistence Layer
In order to connect to some databases it’s recommended to use an ORM, but it’s
not the only option.
● Mongoose: MongoDB ODM Object Document Mapper.
● Sequelize: *SQL (PostgreSQL, MySQL, MariaDB, SQLite and MSSQL).
● Vogels: DynamoDB.
You can also use
● REST API: Neo4j, MongoDB.
What are the benefits of using ORM?
● Provides an abstraction layer.
● Easy management & use of the entities through its API (entity.save(),...).
● Parameterized query statements to avoid SQL injection.
But also…
● Introduces some added complexity.
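What "parameterized query statements" buys you, as an added sketch that is not code from the original slides or from any ORM: the statement text is fixed and user input travels separately as bound values. The helpers `sql`, `findUserConcat`, `findUserParam`, `inputReachesSqlText` and the `users` table are hypothetical; the `{ text, values }` shape mirrors the query object that drivers such as node-postgres accept.

```javascript
// Tagged template: interpolated values never enter the SQL text. They are
// collected separately and replaced by numbered placeholders ($1, $2, ...).
function sql(strings, ...values) {
  let text = strings[0];
  values.forEach((_, i) => { text += '$' + (i + 1) + strings[i + 1]; });
  return { text, values };
}

// Vulnerable "before": user input is concatenated into the statement.
function findUserConcat(name) {
  return "SELECT id FROM users WHERE name = '" + name + "'";
}

// Parameterized "after": the statement is fixed before any input arrives.
function findUserParam(name) {
  return sql`SELECT id FROM users WHERE name = ${name} AND active = ${true}`;
}

// True when the raw input ends up inside the SQL text itself, which is the
// condition that lets input be parsed as SQL instead of as data.
function inputReachesSqlText(build, input) {
  const query = build(input);
  return (typeof query === 'string' ? query : query.text).includes(input);
}

const hostileName = "x' OR '1'='1"; // constructed sample input
```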
Auth with Passport
To manage sessions and authenticate users, you can use the Passport framework,
which has lots of connectors.
● Easy integration with JWT.
● Lots of providers.
● Simple architecture.
● Easy to extend through connectors.
● Easy to cache.
● Requires a secure channel between client and server (HTTPS).
Passport Architecture
source: https://www.ctl.io/developers/blog/post/build-user-authentication-with-node-js-express-passport-and-orchestrate
RT with Socket.io
Oriented to keeping full-duplex communication open between a client and the server,
bringing the concept of sockets to the web.
● Full duplex.
● Low latency.
● Easy to implement in client side, no plugins necessary.
● DANGER: Difficult to scale horizontally.*
* Requires a HA Proxy to redirect to the specific node in context.
Architecture Patterns
It’s not about pieces, hardware and stuff, it’s about the global perspective.
● Do I fulfill the needs/requirements?
● How is it going to grow?
● Use the platform.
● Single Responsibility Principle.
● Principle of Least Privilege.
Reference Architectures: Two Tier
Source: http://blogs.intel.com/api-management/2013/04/04/mobile-friendly-security/two-tier/
Reference Architectures: Three Tier
Source: http://blogs.intel.com/api-management/2013/04/04/mobile-friendly-security/3-tier/
Reference Architectures: Multi Tier
Source: https://www.ibm.com/developerworks/library/wa-aj-multitier/
Reference Architectures: RESTful
Source: https://www.safaribooksonline.com/library/view/restful-java-patterns/9781783287963/
Debugging & REPL
There are different tools and options. Some of them take a lot of time to
configure, but it is worth the effort:
● JetBrains WebStorm IDE is almost zero config.
● nodemon, node inspector or debug as third-party options.
● REPL to test live.
● Don't use console.log('message') by default; it decreases
performance.
Performance with Clustering
The best way to take advantage of a multi-processor computer
is the Node cluster API (cluster is a confusing name).
● native api
● 1 core = 1 thread
● workers can share resources such as ports
● workers can exchange messages
● workers can die and be respawned
https://nodejs.org/api/cluster.html
In node.js context:
node.cluster ≈ Threading
Design Patterns
It’s useful to try to implement these patterns with node.js:
● Singletons.
● Observers.
● Factories.
● Dependency Injection.
● Middleware.
● Streams.
Further reading: https://blog.risingstack.com/fundamental-node-js-design-patterns/
Best Practices
● Add some automated testing!
● Add logging to your apps, at more than one level (network & application logic).
● Don't leave tons of console.log('message') calls.
● Keep the config separate and don't upload it to CVS.
[further reading]
https://12factor.net/
https://github.com/beeva/beeva-best-practices/tree/master/backend/nodejs
Error Management
There are many ways to handle errors during node.js execution:
● CPS if a controlled error happens.
● Try-Catch if it’s possible to detect it.*
● Context Error (pending to be deprecated).
● Node.js API error as event emitter:
https://nodejs.org/api/errors.html
* Good News! Sometimes asynchronicity doesn’t permit this!
Final Exercise
Dojo Kake:
Collaborative 4-layer app
Dojo Kake
We're going to design a 4-layer architecture collaboratively.
The rules:
● 2/3 people per team.
● One team, one role.
● You can only talk to the team at your left or the one at your right to share api
definition or data.
● 4 layers:
Frontend + Auth Server + Load Balancer + Backend.
Dojo Kake
Infrastructure:
● Front App: GET http://localhost:8080
● Auth Server: GET http://localhost:3000/token and GET http://localhost:3000/data?token=123...
● Load Balancer: GET http://localhost:7000/proxy
● Backend 1: GET http://localhost:9000/data
● Backend 1: GET http://localhost:9001/data
● NoSQL DB: Graph database
Dojo Kake
References & Examples
● Superagent to connect DB API
https://github.com/beeva-manueldepaz/dojo-triple/tree/dojo-01-kata-resolved
● Request to proxify
https://github.com/Pelirrojo/nodejs-npm-express-basic-with-grunt
● A little SPA frontend with JQuery
https://gist.github.com/Pelirrojo/c537c30952573d3fd62c
● db endpoint is: http://10.10.8.90:7474
Dojo Kake
Solution:
You need to install Docker & node.js to run it:
https://github.com/Pelirrojo/nodejs-dojo-kake-4-layer-node-app
References
● The best blog about using node.js at production grade
https://blog.risingstack.com/node-hero-tutorial-getting-started-with-node-js/
https://blog.risingstack.com/node-js-tutorial-debugging-async-memory-leaks-cpu-profiling/
https://blog.risingstack.com/node-js-at-scale-node-js-garbage-collection/
https://blog.risingstack.com/fundamental-node-js-design-patterns/
● A place with self-paced labs to learn node.js
nodeschool.io
● The best blog about node.js
howtonode.org
● Some tips from Heroku Doc:
https://devcenter.heroku.com/articles/node-concurrency
https://devcenter.heroku.com/articles/mean-apps-restful-api
Any question?
Manuel E. de Paz Carmona
manuel.depaz.geek@mail.com
Disclaimer
All product names, logos, and brands are property of their respective owners. All company, product and service names
used in this slide deck are for identification purposes only. Use of these names, logos, and brands does not imply
endorsement.
This slide deck is licensed by

Node.js Course 2 of 2 - Advanced techniques
