The long-anticipated Express.js manual is ready and was sent to to print at this week (December 24, 2014). To summarize the book, Pro Express.js: Master Express.js—The Node.js Framework For Your Web Development is all about understanding Express.js and building web apps with this framework and its middleware. Spend two minutes to read this post, to know how you can benefit from this valuable resource and the release.
Becoming a Better Node.js Developer
If you an intermediate or advanced beginner Node.js developer and want to become better at this cool, new technology, then you have lots of questions about the best practices and patterns. Most likely you’ve encountered Express.js, and you wish you knew more about useful settings and options to configure Express.js and its middleware.
The reason why I know these things is that, before I became proficient with Node.js and Express.js, I was a beginner just like you. Also, I’ve been in a position when I needed to learn Express.js quickly. In those sad moments, I was flat out miserable and often had to read the source code for the lack of a good documentation and examples. I wish I had Pro Express.js with me back then to explain the mechanisms in plain English, and provide inspiring code patterns that I could re-use in my projects. That’s why I’m confident that Pro Express.js will be great for intermediate Node.js developers (and advanced-beginners).
Pro Express.js can solve your pains and problems by providing the following benefits:
To review, the typical structure of an Express.js app fig(which is usually a server.js or app.js file) roughly consists of these parts, in the order shown:
Dependencies : A set of statements to import dependencies
Instantiations : A set of statements to create objects
Configurations : A set of statements to configure system and custom settings
Middleware : A set of statements that is executed for every incoming request
Routes : A set of statements that defines server routes, endpoints, and pages
Bootup : A set of statements that starts the server and makes it listen on a specific port for incoming requests
This chapter covers the fifth category, routes and the URL parameters that we define in routes. These parameters, along with the app.param() middleware, are essential because they allow the application to access information passed from the client in the URLs (e.g., books/proexpressjs). This is the most common convention for REST APIs. For example, the http://hackhall.com/api/posts/521eb002d00c970200000003 route will use the value of 521eb002d00c970200000003 as the post ID.
Parameters are values passed in a query string of a URL of the request. If we didn’t have Express.js or a similar library, and had to use just the core Node.js modules, we’d have to extract parameters from an HTTP.request object via some require('querystring').parse(url) or require('url').parse(url, true) function “trickery.”
Let’s look closer at how to define a certain rule or logic for a particular URL parameter.
TL;DR: This text is an excerpt (Chapter 9) from Pro Express.js: Master Express.js—The Node.js Framework For Your Web Development. The book will be released next week (December 24, 2014), and we’ll announce a great limited-time offer on it on Sunday, December 28, 2014. So stay tuned… and happy Holidays!!!
Good web applications must have informative error messages to notify clients exactly why their request has failed. Errors might be caused either by the client (e.g., wrong input data) or by the server (e.g., a bug in the code).
The client might be a browser, in which case the application should display an HTML page. For example, a 404 page should display when the requested resource is not found. Or the client might be another application consuming our resources via the REST API. In this case, the application should send the appropriate HTTP status code and the message in the JSON format (or XML or another format that is supported). For these reasons, it’s always the best practice to customize error-handling code when developing a serious application.
In a typical Express.js application, error handlers follow the routes. Error handling deserves its own section of the book because it’s different from other middleware. After the error handlers, we’ll cover the Express.js application methods and ways to start the Express.js app. Therefore, the major topics of this chapter are as follows:
This text is part of my new book Pro Express.js: Master Express.js—The Node.js Framework For Your Web Development [Apress, 2014]. Security is important, that’s why I decided to publish this chapter on my blog. The book will be released very soon.
The set of tips in this chapter deals with security in Express.js applications. Security is often a neglected topic that is deferred until the last minute before the release. Obviously, this approach of treating security as an afterthought is prone to leaving holes for attackers. A better approach is to consider and implement security matters from the ground up. Continue reading “Express.js Security Tips”
Express.js is one of the top Node.js frameworks out there. It was used in the overwhelming majority of projects that I’ve encountered since I began working with Node.js in 2011. One of the main selling points and key differentiators is the framework’s configurability. However, while writing Express.js Guide and Pro Express.js, I discovered a few secret settings never mentioned in their documentation.