API + Static Clients - Speaker Deck

Slide 1

Slide 1 text

API + Static clients Challenging regular Web development approaches

Slide 2

Slide 2 text

Who the hell..? Ronan Berder খ۽ Makara Wang ԦߒӉ Wiredcraft http://wiredcraft.com

Slide 3

Slide 3 text

About you guys • Who here is building apps with node.js?

Slide 4

Slide 4 text

Concepts

Slide 5

Slide 5 text

Use cases • Static blog (Github pages) with dynamic data beyond comments. • Multiple clients (Web, mobile, tablet) with a single service.

Slide 6

Slide 6 text

Why RESTful • Not JSONP (not only GET) • Why?

Slide 7

Slide 7 text

What’s diﬀerent?

Slide 8

Slide 8 text

Some stuﬀ is hard • CORS (Cross-origin resource sharing) • Sessions

Slide 9

Slide 9 text

How to get around it • CORS: • Allow anything from anywhere... • Have the clients registered.

Slide 10

Slide 10 text

How to get around it • Session • Require CORS credentials being sent and manage sessions regularly • Manage sessions in a diﬀerent way.

Slide 11

Slide 11 text

Show me the code!

Slide 12

Slide 12 text

Server side

Slide 13

Slide 13 text

CORS • cors.js • Express 3.x (http://expressjs.com/) • Debug (https://github.com/ visionmedia/debug)

Slide 14

Slide 14 text

Session • Express + connect-redis • Passport (http://passportjs.org/) • Either • app.use(passport.session()); • passport-http-bearer

Slide 15

Slide 15 text

Client side

Slide 16

Slide 16 text

CORS & Session • Hard work is done on the server • A bit of conﬁguration • Lots of Javascript: need solid tools

Slide 17

Slide 17 text

Tools • Marionnette (http://marionettejs.com) • Component (http://github.com/ component/component) • Jekyll (https://github.com/mojombo/ jekyll)

Slide 18

Slide 18 text

A few thoughts

Slide 19

Slide 19 text

Feels right • More versatile • More isolation: • Simpler to prototype • Easier to maintain and re-use • Easier to secure • Better performances...

Slide 20

Slide 20 text

Questions?