hapi.js in Action
Matt Harrison
  • MEAP began February 2015
  • Publication in August 2016 (estimated)
  • ISBN 9781633430211
  • 325 pages (estimated)
  • printed in black & white

Hapi.js in Action teaches you how to build modern Node-driven applications using hapi.js. Packed with examples, this book takes you from your first simple server through the skills you'll need to build a complete application. In it, you'll learn how to build websites and APIs, implement caching, authentication, validation, error handling, and a lot more. You'll also explore vital techniques for production applications, such as testing, monitoring, error handling, deployment, and documentation.

Table of Contents detailed table of contents

Part 1: First Steps

1. Introducing hapi

1.1. What is hapi.js?

1.1.1. What makes hapi special?

1.1.2. What kind of framework is hapi.js?

1.2. The Building blocks of hapi

1.2.1. Servers

1.2.2. Connections

1.2.3. Routes

1.2.4. Handlers

1.2.5. Plugins

1.3. When you should (and shouldn't) use hapi

1.3.1. When you should use hapi

1.3.2. When you shouldn't use hapi

1.4. How it works

1.4.1. Installing hapi

1.4.2. Creating a server

1.4.3. Adding some routes

1.4.4. Registering a plugin

1.4.5. Taking it for a spin

1.5. Getting Help

1.5.1. hapi.js website

1.5.2. Make me hapi

1.5.3. Github

1.5.4. IRC

1.5.5. Stack Overflow

1.5.6. Read the code!

1.6. Summary

2. Building an API

2.1. Designing the API

2.1.1. Your mission, should you choose to accept it

2.1.2. Gathering requirements

2.1.3. Designing the API endpoints

2.2. Getting set up

2.2.1. A directory to work in

2.2.2. Preparing a database and some sample data

2.2.3. The sqlite3 node module

2.3. Retrieving and searching recipes

2.3.1. Introducing server.route()

2.3.2. Route handlers

2.3.3. Endpoint A: Retrieving all recipes

2.3.4. Endpoint A: Searching recipes

2.3.5. Endpoint B: Retrieving a single recipe

2.4. Writing maintainable code

2.4.1. Modularizing routes

2.4.2. Meet server.bind(): Setting the context in handlers

2.4.3. Modularizing handlers

2.5. Authentication

2.5.1. Schemes and strategies

2.5.2. Implementing bearer token authentication

2.5.3. Working with user credentials

2.6. Creating and starring recipes

2.6.1. Test-driving your endpoints

2.6.2. Endpoint C: Creating recipes

2.7. Summary

3. Building a website

3.1. The DinDin Website

3.1.1. What it looks like

3.1.2. How it works

3.1.3. Getting set up

3.2. Serving Webpages and Static Content

3.2.1. Serving a static file

3.2.2. Serving an entire directory

3.2.3. server.view(): Dynamic view rendering with Handlebars

3.2.4. DRY views: layouts and partials

3.3. Working with an External API

3.3.1. Using Wreck: Consuming APIs with hapi

3.3.2. The dynamic homepage

3.3.3. The recipe detail page

3.3.4. View Helpers

3.4. Managing Logins and User Sessions

3.4.1. Yar: Session management

3.4.2. Forms

3.4.3. Implementing login

3.4.4. Creating recipes

3.4.5. Implementing logout

3.5. Summary

Part 2: Expanding your toolbox

4. Routes and Handlers in depth

4.1. Routing in Depth

4.1.1. The hapi router: a note about ordering and conflicting routes

4.1.2. Route methods

4.1.3. Parameterized paths

4.1.4. How hapi picks a route

4.2. Building custom handlers

4.2.1. The internationalization (i18n) example

4.2.2. Parsing the Accept-Language header

4.2.3. First implementation

4.2.4. Making things simple again

4.3. Server methods

4.4. Route Prerequisites

4.4.1. The problem with concurrency in asynchronous Javascript

4.4.2. Specifying a route prerequisite

4.4.3. Using server methods with prerequisites

4.4.4. Multiple serial prerequisites

4.4.5. Parallel prerequisites: running tasks concurrently

4.5. Managing file uploads to hapi applications

4.5.1. Using "data" - Read the file contents into memory

4.5.2. Using "stream" - Get the files as streams

4.5.3. Using "file" - Save the files to disk

4.5.4. Additional payload settings

4.6. Summary

5. Understanding Requests and Responses

5.1. The request object and lifecycle

5.1.1. What is the request object?

5.1.2. The request lifecycle

5.1.3. Extension points

5.1.4. Which extension point should I use?

5.2. The reply interface and the response object

5.2.1. What is the reply interface?

5.2.2. Valid arguments to reply()

5.2.3. The response object

5.2.4. Responding with Streams

5.3. Dealing with errors

5.3.1. Programmer errors vs Operational errors

5.3.2. HTTP status codes

5.3.3. Introducing Boom: Creating HTTP Friendly Errors

5.3.4. Friendly HTML error pages for websites

5.4. Summary

6. Validation with Joi

6.1. Introducing Joi

6.1.1. How it works

6.1.2. A simple example: Validating a scalar type

6.1.3. A more complex example: Validating a compound type

6.2. Mastering Joi

6.2.1. Getting to know the API

6.2.2. Joi.assert() vs Joi.validate()

6.2.3. Type conversion in Joi

6.2.4. The abortEarly option

6.2.5. Exploring Joi errors

6.3. Validation in hapi

6.3.1. Validating inputs with Joi

6.3.2. Validating payloads

6.3.3. Validating responses

6.3.4. Customising the validation response with failAction

6.4. Bringing it all together: web form validation with hapi and Joi

6.4.1. How it works

6.4.2. Creating the skeleton

6.4.3. Creating the routes and views

6.4.4. Adding validation

6.4.5. Rendering errors on the form

6.4.6. Redirecting users after successful form submission

6.5. Summary

7. Building Modular Applications with Plugins

7.1. Plugged-in Thinking

7.1.1. What is a Plugin?

7.1.2. What can go in a plugin?

7.1.3. Plugin all the Things!

7.1.4. The Pingoo application

7.2. Creating and Loading Plugins

7.3. Creating a Plugin

7.3.1. Loading plugins with server.register()

7.3.2. Plugin Dependencies

7.3.3. Configuring Plugins with options

7.4. Composing Plugins with Glue

7.4.1. What is Glue?

7.4.2. Creating a Manifest

7.4.3. Smart configuration with the Confidence utility

7.5. Plugin Communication

7.5.1. Global server configuration

7.5.2. Exposing properties from within a plugin with server.expose()

7.5.3. Using an event system

7.6. Summary

8. Leveraging Caching

8.1. Client-Side Caching

8.1.1. Setting headers manually

8.1.2. Setting a cache policy in configuration

8.1.3. Revalidation and ETags

8.2. Introducing Catbox: a Multi-Strategy Object Caching library

8.2.1. What is Catbox?

8.2.2. Catbox Clients and Policies

8.2.3. Staleness

8.2.4. Which cache strategy should I use?

8.3. Server-Side Caching in hapi applications

8.3.1. Configuring clients

8.3.2. Creating and using a Catbox Policy with server.cache()

8.3.3. Caching server methods

8.3.4. Organising cache data using keys, partitions and segments

8.4. Summary

Part 3: Creating rock-solid apps

9. Authentication and Security

9.1. Authentication in depth

9.1.1. hapi Authentication Recap

9.1.2. Which authentication scheme should I choose?

9.1.3. Authentication scopes

9.1.4. Authentication modes

9.2. Implementing Third-party Authentication with Bell

9.2.1. What is Third-Party Authentication?

9.2.2. Introducing Bell

9.2.3. Integrating Bell into a hapi app

9.3. Managing cross-domain requests with CORS

9.3.1. Allowing cross-origin requests from anywhere

9.3.2. Restricting access to resources to specific origins only

9.3.3. Dealing with custom headers

9.3.4. CORS and credentials (cookies)

9.3.5. Granularity of CORS settings

9.4. Protecting apps against CSRF with Crumb

9.4.1. Combatting CSRF attacks with CSRF tokens

9.4.2. Understanding CSRF by creating our own exploit

9.4.3. Protecting HTML forms using Crumb

9.4.4. Protecting restful APIs using Crumb

9.5. Security headers

9.6. Summary

10. Testing with lab, code and server.inject()

10.1. Introduction to lab

10.1.1. Your first test

10.1.2. lab as a local dependency

10.1.3. Organising tests with experiments

10.1.4. Asynchronous by default

10.1.5. lab syntax flavors

10.2. Making Assertions with the code Library

10.2.1. What is the code Assertion Library?

10.2.2. code's grammar - structure of an assertion

10.3. Testing hapi servers with server.inject()

10.3.1. Readying servers for testing

10.3.2. The server.inject() response parameter

10.3.3. Testing with request payloads

10.3.4. Testing Authenticated Routes

10.4. Levelling up lab

10.4.1. Reporters

10.4.2. code coverage

10.4.3. Linting

10.4.4. Leaking globals

10.4.5. Parallel test execution

10.5. Testing difficult-to-test code with stubs, spies and monkey-patching

10.5.1. Introduction to monkey-patching

10.5.2. Using Sinon's Spies and Stubs

10.5.3. Using proxyquire

10.6. Summary

11. Production and Beyond

11.1. Logging with hapi and Good

11.1.1. Introduction to server events in hapi

11.1.2. Logging with request.log() and server.log()

11.1.3. Production Logging and Process Monitoring with Good

11.1.4. Using multiple reporter instances

11.2. Documenting your Routes

11.2.1. Introduction to route tags, notes and descriptions

11.2.2. Autogenerated documentation with Lout

11.3. Monitoring

11.3.1. Introducing StatsD and Graphite

11.3.2. Measure anything with StatsD

11.3.3. Getting operations data from hapi using Oppsy

11.4. Debugging

11.4.1. Don't feel bad about just using console.log()

11.4.2. Node debug

11.4.3. Node Inspector

11.4.4. Core dumps with Poop

11.4.5. Realtime Request Debugging with hapi TV

11.5. Deploying SSL/TLS-enabled applications

11.5.1. Options for TLS

11.5.2. Setting up a TLS connection with hapi

11.5.3. Testing SSL with a self-signed certificate

11.5.4. Forcing HTTPS

11.6. Summary

Appendixes

Appendix A: Getting started with Node.js and npm

A.1. What is Node.js?

A.2. Getting Node and npm

A.2.1. Installers

A.2.2. Linux

A.2.3. Compiling from source

A.2.4. Using a version manager

A.3. Hello Node

A.4. Hello npm

Appendix B: npm Packages Used in This Book

B.1. A quick word about version numbers and Semver

About the Technology

As a low-level platform, Node.js gives you a lot of flexibility in building the server side of your web applications. In your day-to-day work, all this flexibility means that you have a lot of important decisions to make every time you start a new project. Hapi.js, a battle-tested configuration-centric framework for Node, takes the pain out of spinning up new applications so you can focus on adding business value and creating great features. Hapi offers a super-clean model for building APIs, along with a powerful plugin system, so it's perfect for building individual services and for constructing entire applications.

What's inside

  • Build awesome websites and APIs
  • Write reliable and maintainable code
  • Create applications using small, well-defined modules
  • Simple caching, validation, and authentication
  • Dozens of relevant examples
  • Run applications in production

About the reader

Readers should be comfortable with JavaScript and the design of standard websites and applications. Previous experience with Node.js helpful but not required.

About the author

Matt Harrison is a freelance web developer and consultant. He's a core contributor to hapi.js, a frequent blogger, and an active member of the Node.js community. In a former life, he was an architect.


Manning Early Access Program (MEAP) Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.
Buy
  • MEAP combo $44.99 pBook + eBook
  • MEAP eBook $35.99 pdf + ePub + kindle

FREE domestic shipping on three or more pBooks