2. Agenda
1. Middleware Concept
2. Connect Middleware with Example
3. Express Middleware.
4. Express Philosophy.
5. Express Cool Features.
3. What is Middleware in NodeJS ?
The middleware is called as a chain of functions, with order based on middleware
definition order(time) with matching routes (if applicable).
e.g. req and res objects are travelling through chain so you can
reuse/improve/modify data in them along the chain.
/* This is only for demonstration purpose*/
function(req, res, next) {
req.name = âsamethingâ;
next(/* err and/or output */)
}
4. Middleware cont.
This is sometime also called as Pipelines. Pipelines are everywhere, under
various forms, uses and purposes. Generically, a Pipeline is a series of processing
units connected together, where the output of one unit is the input for the next one.
(In Node.js, this often means a series of functions in the form.)
If your middleware should return a response, just do so. If it shouldn't, it's implied
that some later middleware should return a response. If you need to pass along
data to that later part of the process, you should attach it to an appropriate part of
the request object req.
P.S. Donât confuse here about pipe(), thats belongs to another hero streams, streams are better
suited to process flowing data
5. Middleware cont.
For example,
1. The bundled bodyParser middleware is responsible for populating req.
rawBody and req.body based on the contents of the request body.
2. The bundled basicAuth middleware populates req.remoteUser based on the
HTTP authentication.
6. Middleware Cont.
Two general use cases for middleware :-
â Generic :- it will apply to every single request. Each middleware have to call
next() inside, if it wants to proceed to next middleware.
â Specific :- When you use app.get('/path', function(...) this actual function is
middleware as well, just inline defined
The chain order is based on definition order. So it is important to define
middleware in sync manner or order-reliable async manner. Otherwise different
order of middleware can break logic.
7. Middleware : Connect
â Node.js itself offers an HTTP module, whose createServer method returns an
object that you can use to respond to HTTP requests.
â That object inherits the http.Server prototype.
8. Connect Middleware
From the README:
Connect is an extensible HTTP server framework for node, providing high
performance "plugins" known as middleware.
More specifically, connect wraps the Server, ServerRequest, and
ServerResponse objects of node.js' standard httpmodule, giving them a few nice
extra features, one of which is allowing the Server object to use a stack of
middleware.
9. Connect Middleware Framework
â Connect has 18 bundled middleware and a rich selection of 3rd-party
middleware..
â That's why Connect describes itself as a "middleware framework," and is
often analogized to Ruby's Rack.
10. Example : Creating Simple Middleware
function uselessMiddleware(req, res, next) {
next()
}
A middleware can also signal an error by passing it as the first argument to next:
// A middleware that simply interrupts every request
function worseThanUselessMiddleware(req, res, next) {
next("Hey are you busy?")
}
When a middleware returns an error like this, all subsequent middleware will be
skipped until connect can find an error handler.
11. Adding middleware stack for server
To add a middleware to the stack of middleware for a server, we use it like so:
connect = require('connect')
stephen = connect.createServer()
stephen.use(worseThanUselessMiddleware)
Finally, you can also specify a path prefix when adding a middleware, and the
middleware will only be asked to handle requests that match the prefix:
connect = require('connect')
bob = connect.createServer()
bob.use('/attention', worseThanUselessMiddleware)
12. URL based authentication policy
function authenticateUrls(urls /* basicAuth args*/) {
basicAuthArgs = Array.slice.call(arguments, 1)
basicAuth = require('connect').basicAuth.apply(basicAuthArgs)
function authenticate(req, res, next) {
// Warning! assumes that urls is amenable to iteration
for (var pattern in urls) {
if (req.path.match(pattern)) {
basicAuth(req, res, next)
return
}
}
next()
}
return authenticate
}
13. Role base authorization
function authorizeUrls(urls, roles) {
function authorize(req, res, next) {
for (var pattern in urls) {
if (req.path.match(pattern)) {
for (var role in urls[pattern]) {
if (users[req.remoteUser].indexOf(role) < 0) {
next(new Error("unauthorized"))
return
}
}
}
}
next()
}
return authorize
}
14. Error handling
email = require('node_mailer')
function emailErrorNotifier(generic_opts, escalate) {
function notifyViaEmail(err, req, res, next) {
if (err) {
var opts = {
subject: "ERROR: " + err.constructor.name,
body: err.stack,
}
opts.__proto__ = generic_opts
email.send(opts, escalate)
}
next()
}
}
15. Putting it all together
private_urls = {
'^/attention': ['coworker', 'girlfriend'],
'^/bank_balance': ['me'],
}
roles = {
stephen: ['me'],
erin: ['girlfriend'],
judd: ['coworker'],
bob: ['coworker'],
}
passwords = {
me: 'doofus',
erin: 'greatest',
judd: 'daboss',
bob: 'anachronistic discomBOBulation',
}
function authCallback(name, password) {
return passwords[name] === password
}
stephen = require('connect').createServer()
stephen.use(authenticateUrls(private_urls,
authCallback))
stephen.use(authorizeUrls(private_urls, roles))
stephen.use('/attention',
worseThanUselessMiddleware)
stephen.use(emailErrorNotifier({to:
'stephen@betsmartmedia.com'}))
stephen.use('/bank_balance', function (req, res,
next) {
res.end("Don't be Seb-ish")
})
stephen.use('/', function (req, res, next) {
res.end("I'm out of coffee")
})
16. List of common uses connect middlewares
â logger request logger with custom format
support
â csrf Cross-site request forgery protection
â compress Gzip compression middleware
â basicAuth basic http authentication
â bodyParser extensible request body parser
â json application/json parser
â multipart multipart/form-data parser
â timeout request timeouts
â cookieParser cookie parser
â session session management support with
bundled MemoryStore
â cookieSession cookie-based session support
â methodOverride faux HTTP method support
â favicon efficient favicon server (with default
icon)
â query automatic querystring parser, populating
req.query
â errorHandler flexible error handler
17. Middleware: Express
Express does to Connect what Connect does to the http module: It offers a
createServer method that extends Connect's Server prototype. So all of the
functionality of Connect is there,plus view rendering and a handy DSL for
describing routes. Ruby's Sinatra is a good analogy.
18. Philosophy behind ExpressJS
This is probably one of the most popular frameworks in the Node.js community of
coders right now. The core philosophy behind ExpressJS is to offer an application
framework for single or multi-page web apps, using views and template engine.
The Express.js framework also includes a multitude of utilities to work with HTTP
and building APIs. The pluggable middleware in the framework provides a great
way to add elements, such as passportjs, as you need them.
19. Cool feature 1: routing
Routing is a way to map different
requests to specific handlers.
var express = require("express");
var http = require("http");
var app = express();
app.all("*", function(request, response, next) {
response.writeHead(200, { "Content-Type":
"text/plain" });
next();
});
app.get("/", function(request, response) {
response.end("Welcome to the homepage!");
});
app.get("/about", function(request, response) {
response.end("Welcome to the about page!");
});
app.get("*", function(request, response) {
response.end("404!");
});
http.createServer(app).listen(1337);
20. Cool feature 2: request handling
Express augments the request and response objects that you're passed in every
request handler.
response.redirect("/hello/anime");
response.redirect("http://www.myanimelist.net");
response.redirect(301, "http://www.anime.org"); // HTTP status code 301
This isn't in vanilla Node and it's also absent from Connect, but Express adds this
stuff. It adds things like sendFile which lets you just send a whole file:
response.sendFile("/path/to/anime.mp4");
The request gets a number of cool properties, like request.ip to get the IP address
and request.files to get uploaded files.
21. Cool feature 3: views
More features? Oh, Express, I'm blushing.
Express can handle views. It's not too bad. Here's what the setup looks like:
// Start Express
var express = require("express");
var app = express();
// Set the view directory to /views
app.set("views", __dirname + "/views");
// Let's use the Jade templating language
app.set("view engine", "jade");
The first block is the same as always. Then we say "our views are in a folder
called 'views'".
22. Bonus cool feature: everything from
Connect and Node
I want to remind you that Express is built on top of Connect which is built on top of
Node. This means that all Connect middleware works with Express. This is useful!
For example:
var express = require("express");
var app = express();
app.use(express.logger()); // Inherited from Connect
app.get("/", function(req, res) {
res.send("anime");
});
app.listen(1337);
23. Folder Structure : My Preference
/public
/images (there are several images exported from Photoshop)
/javascripts
/stylesheets
/style.css
/style.less (imports home.less and inner.less)
/routes
/index.js
/app
/views
/index.ejs (home page)
/inner.ejs (template for every other page of the site)
/controller
/model
/app.js
/package.json