The Switch To Node, Express,And MongoDB Part 2: The middleware

In part 1 of this series we talked about how we switched from parse.com  to finally land on the MEAN stack for the backend of all future mobile application development. As mentioned in that post this will be all about the middleware used in the backend stack. You should know up front that there is nothing in our middleware choices that will surprise developers that use express.  We love to keep things as simple as possible so there should not be anything unfamiliar here for people experienced with express middleware.

With that out of the way I think the best way to start is to just talk about each piece of middleware and what it is used for.  So...here we go.

Morgan
Morgan is used to log all HTTP requests to the terminal.  Thats it...pretty simple really.  It is a very handy way to see all HTTP traffic while in development.

Multer
From the README file: "Multer is a node.js middleware for handling multipart/form-data, which is primarily used for uploading files. It is written on top of busboy for maximum efficiency."

More specifically we use multer for handling the uploading of images from the mobile app and website app 

Passport
"Simple, unobtrusive authentication for Node.js"

This is a simple but powerful authentication middleware.  You can use it to authenticate with a local database or extend it to use social networks like Facebook and Twitter.  At the moment we use passport to authenticate a username and password with our local database and only for the web application.  The mobile authentication method is covered below.  

It is used in combination with express sessions where the user is stored in the browsers session storage.

body-parser
"Node.js body parsing middleware.

Parse incoming request bodies in a middleware before your handlers, available under the req.body property."

This is used to parse incoming POST requests.

bcrypt.js
Salt and hash user passwords.  This is the slimmed down version of bcrypt.  We have had so many issues installing bcrypt that including it became too troublesome.  bcrypt.js is a much more simple way to get the same functionality.

ejs
"EJS is a simple templating language that lets you generate HTML markup with plain JavaScript."

We tried other templating languages.  The one that we tried the longest was PUG.  It was fine and many developers swear by it but for me ejs was the way to go.  It allows for simple HTML, CSS, and Javascript to be used but allows you to include partials like the navigation in pages as well.  It also allows you to pass JSON to the page from the express route to be used in the page.  It is seriously simple and powerful.  Best of all it didn't require me to learn any new syntax for the templating language.  For the most part if you want to include a variable that was passed in, you simply enclose it in a <% %> tag.  

JSON Web Tokens
"JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties."

This is what we use to handle the authentication from the mobile application.  This is a seriously great way to handle authentication.  It is simple and secure.  When a user authenticates with a username and password from within the mobile application the route returns a JWT.  This token is stored on the device, (for iOS in the NSUserDefaults) to be used by any subsequent requests to the API.   

Mongoose
"elegant mongodb object modeling for node.js"

Enough said really.  This is the best way to set up schemas for your database.

Mailgun
In our latest application we needed a way to send transactional emails.  Mailgun makes this trivial.  Just set up the mail message with recipients and the right credentials.  Populate the body of the mail message with a string r in our case an ejs template and send it.  You will likely never have to pay them any money as well unless you are sending over 12,000 emails per month.  Even then the pricing seems very affordable.

Twillio
"Build apps that communicate with everyone in the world."

More specifically we needed to be able to send SMS notifications to people.  Twillio is the only way to get this done quickly and easily. You do have to purchase a phone number and some credits from them.  The pricing is easy to understand and very reasonable in my opinion.  Now all of your calls to send SMS notifications will include this number, the number to send to, and the message.  The messages are instant and the service works flawlessly.  Need to send the same message to multiple recipients?  Put them in a for loop and call it a day.  Its that easy.

PDFKit
"A JavaScript PDF generation library for Node and the browser."

We also needed to generate PDF documents programmatically.  This is a tedious process no matter how you try to tackle it.  PDFKit makes it fairly painless. 

mongoose-to-csv
"MongooseToCsv is a mongoose plugin that creates a CsvBuilder instance for your Schema."

In simple terms.  This plugin lets you parse a MongoDB collection to a CSV file.  You can specify what fields to include and the headers for each field and offer the resulting file as a download from the web application.  We use this to allow users to download all the data from the application after the event has been completed.

For the most part thats all of the middle ware we use.  Some of it is very specific to the Gala Assist application but most of it is fairly standard for nearly all express applications.  This list was compiled by looking at our package.json file which i will post below.   

//package.json file
{
  "name": "Gala Assist",
  "version": "3.1.3",
  "description": "An application to make your fundraiser a breeze.",
  "main": "app.js",
  "author": "Troubled Pixel",
  "license": "ISC",
  "dependencies": {
    "bcryptjs": "^2.4.0",
    "body-parser": "^1.15.2",
    "cookie-parser": "^1.4.3",
    "ejs": "^2.5.3",
    "express": "^4.14.0",
    "express-session": "^1.14.2",
    "jsonwebtoken": "^7.2.1",
    "mailgun-js": "^0.7.15",
    "mongoose": "^4.4.20",
    "mongoose-to-csv": "^0.1.0",
    "morgan": "^1.7.0",
    "multer": "^1.2.0",
    "nodemon": "^1.11.0",
    "passport": "^0.3.2",
    "passport-local": "^1.0.0",
    "path": "^0.12.7",
    "pdfkit": "^0.8.0",
    "twilio": "^2.11.0"
  }
}

In the last section of this series I will share some of the code used to make the routes and this middle ware work.  Stay tuned!

Jude Machin

Troubled Pixel, 4701 120th Blvd, Lubbock, TX, 79424, United States