hapi.js in Action
Matt Harrison
Foreword by Eran Hammer
  • December 2016
  • ISBN 9781633430211
  • 384 pages
  • printed in black & white

Your first step toward becoming a hapi.js expert.

From the Foreword by Eran Hammer, Creator of hapi.js

Hapi.js in Action teaches you how to build modern Node-driven applications using hapi.js. Packed with examples, this book takes you from your first simple server through the skills you'll need to build a complete application.

Table of Contents detailed table of contents

Part 1: First Steps

1. Introducing hapi

1.1. What is hapi.js?

1.1.1. What makes hapi special?

1.1.2. What kind of framework is hapi.js?

1.2. The Building blocks of hapi

1.2.1. Servers

1.2.2. Connections

1.2.3. Routes

1.2.4. Handlers

1.2.5. Plugins

1.3. When you should (and shouldn't) use hapi

1.3.1. When you should use hapi

1.3.2. When you shouldn't use hapi

1.4. How it works

1.4.1. Installing hapi

1.4.2. Creating a server

1.4.3. Adding some routes

1.4.4. Registering a plugin

1.4.5. Taking it for a spin

1.5. Getting Help

1.5.1. hapi.js website

1.5.2. Make me hapi

1.5.3. Github

1.5.4. IRC

1.5.5. Stack Overflow

1.5.6. Read the code!

1.6. Summary

2. Building an API

2.1. Designing the API

2.1.1. Your mission, should you choose to accept it

2.1.2. Gathering requirements

2.1.3. Designing the API endpoints

2.2. Getting set up

2.2.1. A directory to work in

2.2.2. Preparing a database and some sample data

2.2.3. The sqlite3 node module

2.3. Retrieving and searching recipes

2.3.1. Introducing server.route()

2.3.2. Route handlers

2.3.3. Endpoint A: Retrieving all recipes

2.3.4. Endpoint A: Searching recipes

2.3.5. Endpoint B: Retrieving a single recipe

2.4. Writing maintainable code

2.4.1. Modularizing routes

2.4.2. Meet server.bind(): Setting the context in handlers

2.4.3. Modularizing handlers

2.5. Authentication

2.5.1. Schemes and strategies

2.5.2. Implementing bearer token authentication

2.5.3. Working with user credentials

2.6. Creating and starring recipes

2.6.1. Test-driving your endpoints

2.6.2. Endpoint C: Creating recipes

2.7. Summary

3. Building a website

3.1. The DinDin Website

3.1.1. What it looks like

3.1.2. How it works

3.1.3. Getting set up

3.2. Serving Webpages and Static Content

3.2.1. Serving a static file

3.2.2. Serving an entire directory

3.2.3. server.view(): Dynamic view rendering with Handlebars

3.2.4. DRY views: layouts and partials

3.3. Working with an External API

3.3.1. Using Wreck: Consuming APIs with hapi

3.3.2. The dynamic homepage

3.3.3. The recipe detail page

3.3.4. View Helpers

3.4. Managing Logins and User Sessions

3.4.1. Yar: Session management

3.4.2. Forms

3.4.3. Implementing login

3.4.4. Creating recipes

3.4.5. Implementing logout

3.5. Summary

Part 2: Expanding your toolbox

4. Routes and Handlers in depth

4.1. Routing in Depth

4.1.1. The hapi router: a note about ordering and conflicting routes

4.1.2. Route methods

4.1.3. Parameterized paths

4.1.4. How hapi picks a route

4.2. Building custom handlers

4.2.1. The internationalization (i18n) example

4.2.2. Parsing the Accept-Language header

4.2.3. First implementation

4.2.4. Making things simple again

4.3. Server methods

4.4. Route Prerequisites

4.4.1. The problem with concurrency in asynchronous Javascript

4.4.2. Specifying a route prerequisite

4.4.3. Using server methods with prerequisites

4.4.4. Multiple serial prerequisites

4.4.5. Parallel prerequisites: running tasks concurrently

4.5. Managing file uploads to hapi applications

4.5.1. Using "data" - Read the file contents into memory

4.5.2. Using "stream" - Get the files as streams

4.5.3. Using "file" - Save the files to disk

4.5.4. Additional payload settings

4.6. Summary

5. Understanding Requests and Responses

5.1. The request object and lifecycle

5.1.1. What is the request object?

5.1.2. The request lifecycle

5.1.3. Extension points

5.1.4. Which extension point should I use?

5.2. The reply interface and the response object

5.2.1. What is the reply interface?

5.2.2. Valid arguments to reply()

5.2.3. The response object

5.2.4. Responding with Streams

5.3. Dealing with errors

5.3.1. Programmer errors vs Operational errors

5.3.2. HTTP status codes

5.3.3. Introducing Boom: Creating HTTP Friendly Errors

5.3.4. Friendly HTML error pages for websites

5.4. Summary

6. Validation with Joi

6.1. Introducing Joi

6.1.1. How it works

6.1.2. A simple example: Validating a scalar type

6.1.3. A more complex example: Validating a compound type

6.2. Mastering Joi

6.2.1. Getting to know the API

6.2.2. Joi.assert() vs Joi.validate()

6.2.3. Type conversion in Joi

6.2.4. The abortEarly option

6.2.5. Exploring Joi errors

6.3. Validation in hapi

6.3.1. Validating inputs with Joi

6.3.2. Validating payloads

6.3.3. Validating responses

6.3.4. Customising the validation response with failAction

6.4. Bringing it all together: web form validation with hapi and Joi

6.4.1. How it works

6.4.2. Creating the skeleton

6.4.3. Creating the routes and views

6.4.4. Adding validation

6.4.5. Rendering errors on the form

6.4.6. Redirecting users after successful form submission

6.5. Summary

7. Building Modular Applications with Plugins

7.1. Plugged-in Thinking

7.1.1. What is a Plugin?

7.1.2. What can go in a plugin?

7.1.3. Plugin all the Things!

7.1.4. The Pingoo application

7.2. Creating and Loading Plugins

7.3. Creating a Plugin

7.3.1. Loading plugins with server.register()

7.3.2. Plugin Dependencies

7.3.3. Configuring Plugins with options

7.4. Composing Plugins with Glue

7.4.1. What is Glue?

7.4.2. Creating a Manifest

7.4.3. Smart configuration with the Confidence utility

7.5. Plugin Communication

7.5.1. Global server configuration

7.5.2. Exposing properties from within a plugin with server.expose()

7.5.3. Using an event system

7.6. Summary

8. Catch me if you can

8.1. Client-Side Caching

8.1.1. Setting headers manually

8.1.2. Setting a cache policy in configuration

8.1.3. Revalidation and ETags

8.2. Introducing Catbox: a Multi-Strategy Object Caching library

8.2.1. What is Catbox?

8.2.2. Catbox Clients and Policies

8.2.3. Staleness

8.2.4. Which cache strategy should I use?

8.3. Server-Side Caching in hapi applications

8.3.1. Configuring clients

8.3.2. Creating and using a Catbox Policy with server.cache()

8.3.3. Caching server methods

8.3.4. Organising cache data using keys, partitions and segments

8.4. Summary

Part 3: Creating rock-solid apps

9. Authentication and Security

9.1. Authentication in depth

9.1.1. hapi Authentication Recap

9.1.2. Which authentication scheme should I choose?

9.1.3. Authentication scopes

9.1.4. Authentication modes

9.2. Implementing Third-party Authentication with Bell

9.2.1. What is Third-Party Authentication?

9.2.2. Introducing Bell

9.2.3. Integrating Bell into a hapi app

9.3. Managing cross-domain requests with CORS

9.3.1. Allowing cross-origin requests from anywhere

9.3.2. Restricting access to resources to specific origins only

9.3.3. Dealing with custom headers

9.3.4. CORS and credentials (cookies)

9.3.5. Granularity of CORS settings

9.4. Protecting apps against CSRF with Crumb

9.4.1. Combatting CSRF attacks with CSRF tokens

9.4.2. Understanding CSRF by creating our own exploit

9.4.3. Protecting HTML forms using Crumb

9.4.4. Protecting restful APIs using Crumb

9.5. Security headers

9.6. Summary

10. Testing with lab, code and server.inject()

10.1. Introduction to lab

10.1.1. Your first test

10.1.2. lab as a local dependency

10.1.3. Organising tests with experiments

10.1.4. Asynchronous by default

10.1.5. lab syntax flavors

10.2. Making Assertions with the code Library

10.2.1. What is the code Assertion Library?

10.2.2. code's grammar - structure of an assertion

10.3. Testing hapi servers with server.inject()

10.3.1. Readying servers for testing

10.3.2. The server.inject() response parameter

10.3.3. Testing with request payloads

10.3.4. Testing Authenticated Routes

10.4. Levelling up lab

10.4.1. Reporters

10.4.2. code coverage

10.4.3. Linting

10.4.4. Leaking globals

10.4.5. Parallel test execution

10.5. Testing difficult-to-test code with stubs, spies and monkey-patching

10.5.1. Introduction to monkey-patching

10.5.2. Using Sinon's Spies and Stubs

10.5.3. Using proxyquire

10.6. Summary

11. Production and Beyond

11.1. Logging with hapi and Good

11.1.1. Introduction to server events in hapi

11.1.2. Logging with request.log() and server.log()

11.1.3. Production Logging and Process Monitoring with Good

11.1.4. Using multiple reporter instances

11.2. Documenting your Routes

11.2.1. Introduction to route tags, notes and descriptions

11.2.2. Autogenerated documentation with Lout

11.3. Monitoring

11.3.1. Introducing StatsD and Graphite

11.3.2. Measure anything with StatsD

11.3.3. Getting operations data from hapi using Oppsy

11.4. Debugging

11.4.1. Don't feel bad about just using console.log()

11.4.2. Node debug

11.4.3. Node Inspector

11.4.4. Core dumps with Poop

11.4.5. Realtime Request Debugging with hapi TV

11.5. Deploying SSL/TLS-enabled applications

11.5.1. Options for TLS

11.5.2. Setting up a TLS connection with hapi

11.5.3. Testing SSL with a self-signed certificate

11.5.4. Forcing HTTPS

11.6. Summary

Appendixes

Appendix A: Getting started with Node.js and npm

A.1. What is Node.js?

A.2. Getting Node and npm

A.2.1. Installers

A.2.2. Linux

A.2.3. Compiling from source

A.2.4. Using a version manager

A.3. Hello Node

A.4. Hello npm

Appendix B: npm Packages Used in This Book

B.1. A quick word about version numbers and Semver

About the Technology

The hapi.js web framework for Node.js is built around three radical ideas. Developer productivity: hapi's intuitive setup gets you up and running in no time. Maintainability: hapi's modular design allows for easy scaling and improvement. Flexibility: hapi has a lightweight core that you can expand and customize with plugins. Are you ready to get hapi?

About the book

Hapi.js in Action is an incredibly practical book that teaches you to build APIs, servers, and applications using Node.js and the hapi.js framework. You'll begin with an easy-to-follow mental model of a Node.js web application and see exactly where hapi fits into the picture. Then, you'll walk through building an API and composing it into a web application. Along the way, you'll explore key topics like validation, testing, authentication, and deployment. Throughout, you'll learn how to build rock-solid, secure, and fast applications.

What's inside

  • Best practices for Node application design
  • Building APIs with hapi
  • Maintaining and scaling applications
  • Extending hapi with plugins

About the reader

This book assumes you have strong JavaScript skills. Experience with Node.js is helpful but not required.

About the author

Matt Harrison is a core contributor to hapi.js and an active member of the Node community.


Buy
combo $44.99 pBook + eBook + liveBook
eBook $35.99 pdf + ePub + kindle + liveBook

FREE domestic shipping on three or more pBooks

Not just the best, but the only hapi.js reference you'll ever need.

Stephen Byrne, Dell

A pleasure to read, with excellent real-world examples.

Philippe Charriere, GitHub

This book made creating my first hapi.js app a joy!

Jeroen Benckhuijsen, GROUP9