How should I use Backbone with REST via AWS? - rest

I'd like to start practicing JS server-based stuff in a real-world environment (not localhost) and AWS seems to be the most economical way to do this. And I'd like to start by using Backbone in conjunction with REST.
If I do this, is REST out-of-the-box ready on AWS and it's just a matter of throwing my Backbone code on the server? Or is it a matter of configuring the REST API on AWS?
Thanks in advance!!!!

As the comments indicated, web applications are broken up in to two parts, the client and the server, and Backbone is an exclusively a client-side library ...
... well, almost. There is a server-side Javascript web framework called Node.js, and if you really wanted you could use Backbone on it. Alternatively you could run a more traditional server-side language/framework like Ruby/Rails, Python/Django, etc. If you are using AWS's EC2 service you basically get your own computer to do what you want with, and you can use Node, Django, or whatever else to write a REST-ful webservice that your client-side code can use.

Related

ArangoDB Foxx as a REST back-end

I am working on an app that would greatly benefit from Arangos' multi-model capabilities. Considering the app needs for the back-end, I have concluded that most, if not all, of it could be served through a REST API as to aid cleaner design for future development and integration with others. The API would then be consumed by several web and mobile front-end frameworks to handle the rest of the logic. The project will be developed with Javascript for the whole stack, using the NodeJS ecosystem.
.
The question itself:
Should and could one use arangodb + foxx to create the complete back-end stack for serving a REST API, thus avoiding another layer/component in the stack? e.g. express/hapi/loopback etc.
.
Major back-end requirements:
Authentication with roles
Sessions
Encryption
Complex querying (root of my initial thought, as to avoid multiple hops between DB and back-end)
Entry parsing, validation and sanitization
Scheduled tasks
.
Mainly looking for:
Known design advantages
Known design limitations
"Hidden" bottlenecks
Other possible future regrets
.
Side question (that might answer some of the above): Could Foxx utilise some of the node middleware available via npm?
Thanks in advance for your time!
You can use ArangoDB Foxx as the sole backend of your application, however it is important to keep the limitations of Foxx (compared to a general purpose JS environment like Node.js) in mind when doing this.
You mention encryption. While ArangoDB does support some cryptography (e.g. HMAC signing and PBKDF2 key derivation for passwords) the support is not as exhaustive and extensible as in Node.js. Also when using computationally expensive cryptography this will affect the performance of the database (because unlike Node.js Foxx is strictly synchronous and thus all operations should be considered blocking).
ArangoDB does not support role-based authentication out of the box but it is perfectly reasonable to implement it within ArangoDB using Foxx (just like you would implement it in Node.js, except you don't need to leave the database).
For sessions there are generally two possible approaches: you can either use a collection with session documents (using ArangoDB as your session backend) or you can keep your services stateless by using signed tokens (Foxx comes with JWT support out of the box).
Complex/stored queries and input validation (using the joi schema library originally written for hapi) are actually some of the main use cases of Foxx so those shouldn't be any problem whatsoever.
Foxx comes with its own mechanism for queueing tasks, which can also be scheduled ahead or recur periodically. However depending on your requirements an external job or message queue may be a better fit. The good thing is you can get started with the built-in job queue right away and still move on to a dedicated solution if the need arises during development.
As for middleware and NPM packages: Foxx is not fully compatible with Node.js code. While we provide a lot of compatibility code and try to keep the core modules compatible where possible, a big difference is that Node.js is generally used to perform asynchronous operations while in ArangoDB all operations are synchronous.
If you have Node.js modules that don't use crypto, file or network I/O and don't use asynchronous APIs (e.g. setTimeout, promises) they may be compatible with Foxx. A lot of utility libraries like lodash work with no problems at all. Even if you find that a module doesn't work it may be possible to write an adapter for it like we have done with mocha (integrated into Foxx) and GraphQL (via the graphql-sync package on NPM).
In my experience it is a good approach to put your Foxx service behind a thin layer of Node.js (e.g. a simple express application that mostly just proxies to your Foxx API) and/or to delegate some parts of your backend to standalone Node.js microservices (e.g. integration with non-HTTP services like e-mail or LDAP) which can be integrated in Foxx via HTTP.
One more thing: while a lot of existing express middleware likely isn't compatible with Foxx because of Node-specific dependencies and async logic, ArangoDB 3 will bring a new version of Foxx with support for middleware using a functionally express-compatible API.
I'm just starting to port my sails application to a FOXX application so I can answer some of your questions.
Role based authorization in ArangoDB is probably at too high a level than you want. In our case, we use an external service to authorize various web and service based applications at a very fine-grained level (much lower than a vertex or an edge). My feeling is that Authorization at that level will require you to write it yourself in javascript. If it's just CRUD on a per collection basis, then it shouldn't require much effort.
For authorization and sessions, I would look at the FOXX example found at: FOXX authorization-session example
It's not clear what you're asking about encryption. If you're talking about SSL connections, then that is natively supported (see arangodb end-points). As for internal encryption, there is a javascript crypto module ArangoDb crypto
Entry validation, etc. is supported by the javascript joi package.
Complex querying... Absolutely and getting even better in ArangoDB version 3.x. Traversals can be chained (go down using one edge collection, then up using another).
You're right on the ball when thinking about efficiency. This is the main reason we're going from sails to FOXX. In our case, we filter query results based on permissions from our external service. This means that we can't use ArangoDB native skip and limit support if these attributes are specified by the client. In sails, we have to bring back results in chunks and collect until we hit the appropriate skip and limit values. By moving to FOXX, we save a lot of network and other resources. We tested this by having sails forward the request to our prototype FOXX implementation. This scaled much better than the sails post-processing setup.
You can use NPM modules with restrictions. See Javascript Modules

Start with web API/REST API

I am in the process of creating an app (cross-platform with Ionic framework) and during my research about app with this framework I found the one created for HabitRPG and it is using an API to retrieve data, it totally suits my app as well, but I don't know where to start to create an API nor what to use.
I allready did some quick test with Spring, NodeJS and Symfony (with FOS) but I'm looking for something really easy to use and to setup but still to have a lot of flexibility (like manage security, users, and data visibility).
Is there a specific technology easy enough to start with ?
If you want to create a Web API and host it, you can perhaps have the look at APISpark (http://restlet.com/products/apispark/). It's an online plateform that allows to design your APIs following REST principles and then host them. The data are also managed by the platform.
Hope it helps.
Thierry

For a Single Page Application: ExpressJS or Restify or both?

I'm working with NodeJS + Mongoose, writing a Single Page Application, so I need to serve some statics and then all the interaction between frontend and backend is done via XHR. Eventually I'm thinking about writing a native mobile app accessing the same backend. Is there any pattern / best practice I should apply here?, I thought that I may need to extract the API to be exposed via Restify, and handle the requests from the webapp only with ExpressJS? or should I just put all the stuff exposed via Restify? I guess my confusion comes from not being worked with Restify before, so any explanation about how is it different from ExpressJS (specially when talking about a Single Page App) is really welcome.
I am implementing a similar solution, mobile app & website with expressjs and backbonejs. I did not use restify because i did not think i needed the extra complexity, there were not that many API endpoints so expressjs handled everything ok for me.
BTW take a look at this post on restify performance, I just saw it today and have not personally validate the contents.
Benchmarking APIs using PerfectAPI vs Express.js vs Restify.js « « PerfectAPI Blog PerfectAPI Blog http://bit.ly/xrTguB
Restify is packaging DTrace and various handlers that Express doesn't. If you just have one API endpoint and don't need DTrace, it doesn't make sense to run Restify.
Also, you might want to try express-resource

SOAP web service UI

I need to interface a SOAP web service and, for demonstration purposes, I also need to show the API functionality in a graphical user interface.
I would like this interface to be simple, sleek and nice looking.
What's the best technology to create this UI? I'm familiar with Java, Javascript, CSS, HTML, XML, PHP, etc..
Well, there is are a bunch of different options. You can create an application from scratch using the technologies above.
I personally recommend the playframework at http://www.playframework.org, it provides a lightweight and easy to use Web Service API.
See http://www.playframework.org/documentation/1.2.4/libs#WebServiceclient for details.
PHP is also a very good option, but I think you will get up to speed faster with Play.
Node.js is another excellent option...
Not sure how far you need to go with your UI, if it's just a matter of showing the message being sent and the answer, SOAPui may be enough, there is osx SOAP Client and REST client for mac.

Recommendation required RESTful web services on Linux

Looking for a recommendation of which framework/web server to go with on Linux. The idea is to build database backed RESTful web services.
I know Java, c++, c# (irrelevant I guess on linux) and C. Okay with developing in any of those.
Here is a table of frameworks that have varying degrees of support for REST and the languages they use.
You might want to check out RESTx. It is multi lingual: You can write code in Java, Python (server-side JavaScript coming soon). RESTx is specifically a platform for the creation of RESTful resources and web services. It is NOT a traditional application framework. DB backed web services are actually a specialty of RESTx: You identify the reusable components you want (in this case a JDBC capable DB access component), and then just configure it through the RESTful API or by filling out a small form in a browser. As a result, you get a new RESTful web service, which encapsulates the query you specified when creating the new resource.
I'm the lead developer on RESTx, so if you have any questions, please contact me or visit our forums.
If I were you I would go with Ruby 1.9.2 + Rails 3
they're fun and you get to learn something new
ubuntu specific install guide: http://web2linux.com/installing-rails-3-on-ubuntu-10-04-lucid-lynx/
official RoR intro: http://edgeguides.rubyonrails.org/getting_started.html