MEAN stack project structure doubts - node.js

I'm developing a MEAN stack-based application,I've some doubts about the file structure,I'm considering three options:
Frontend(Angular) served by Apache and REST API on NodeJS divided by port(80/443 and 8000)
Frontend(Angular) served by Apache and REST API on NodeJS divided by subdomain(www and api)
Frontend(Angular) and REST API served both by NodeJS divided by routes (/page and /api)
I've searched online, but I haven't found nothing

Personally I'd go with the last option on your list: "Frontend(Angular) and REST API served both by NodeJS divided by routes (/page and /api)".
I saw an answer on here recently that said:
When you serve a node.js app note that you are the author of your own web server. Any potential bug in your app is a directly exploitable bug on the internet. Some people are (justifiably) not comfortable with this.
Adding a layer of Apache or Nginx in front of your node.js app means you have a battle-tested, security-hardened piece of software on the live internet as an interface to your app. It adds a tiny bit of latency (the reverse proxying) but most consider it worth it.
This used to be the standard advice in the early days of node.js. But these days there are also sites and web services that exposes node.js directly to the internet. The http.Server module is now fairly well battle-tested on the internet to be trusted.
Regarding security, this says to me that you shouldn't need things such as Apache or Nginx in front of your Node app.
In terms of opinion of file structure, I'd choose this option also just because I've worked in a number of places where they've done this and it's made interacting with the API simple, predictable and approachable for both internal and external parties who want to consume the API (I'm a big fan of companies using either api.mydomain.com or mydomain.com/api/).
However I guess this down to preference.

Related

Migrating from LAMP+AngularJS to something more mixed

We have a web app (CRM type) working on Linux (Debian) with Apache, MariaDb and PHP for the backend, and AngularJS (1.x) for the frontend.
Thinking about a redesign, I need advices on a solution I have in mind, but I'm not sure it would be relevant...
A new website (e-commerce) will come along the CRM and use directly or not (API) the same database.
So my first take would be to put the MariaDb on a dedicated VM. It uses much ressource right now, so much more with another app using it.
Then the CRM and website could connect directly in remote (too risky?) or call an API. I guess the second solution would be better and means I could put my backend PHP part (already working as an API for AngularJS) along with the database, on that new VM.
I guess Debian + Nginx would be a good choice to go with them.
I prefere PHP to handle databases 'cause I'm used to it.
On the other hand I would still have AngularJS alone, a deprecated JS framework.
One thing that was hard to work with, about AngularJS/PHP, was that sometimes I needed to format data for Angular from PHP, and vice versa. It wasn't very clear where to put that formating, 'cause the backend was more about the database and not the frontend, and the frontend more about layout than PHP ORM ans design.
Furthermore, we'd like to keep the CRM as a SPA (Single Page Application).
My take on that would be to go on a MEAN stack, without de M (MongoDB), starting from scratch, just keeping Debian and installing NodeJS, ExpressJS and Angular or another JS framework (Vue, React...).
A hole JS stack to have the same language and gain speed and performance with many little transactions with the server (assets, calls and promises to retrieve data from database). Also to learn more on JS and NodeJS particularly.
NodeJS to create the environnement and a web server, in place of Apache.
Angular (or another) to put data into HTML, and have the less treatments possible.
ExpressJS to be that intermediate part I was talking to, the place where formating can be performed: retrieving data from the views, formating them, sending them to the API, handling the response, formating it if necessary and returning it to the view.
It means I would go from one VM with:
AngularJS (frontend) -> PHP framework (backend) -> Database
To two VM with:
Angular (app frontend) -> Express (app backend) -> PHP API (database backend) -> Database.
What do you think of my use-case and the solution?
There are several benefits to splitting up your services, but almost equally many different solutions, so you need to ask yourself what your goal is. Performance? High availability/failover? You might need a lot of VMs, geo-redundancy, load-balanced VIPs, etc.
You can also look into making containerized services with Docker.
You talk about moving the database onto a separate VM, but that it might be risky. Why? If they are both on an isolated network, it should not be an issue.
If you're looking for stack advice, since you're talking about a full remake, I would recommend something both stable and modern like Laravel + VueJS for the web/API part. You're already comfortable with PHP, and a setup with Nginx will probably be much faster. But of course, there are almost infinite combinations to choose from these days.
As for the "direct or not" DB access: Having a versioned API is always a benefit.
Serving the SPA frontend will require very few resources, so your bottleneck will be between the API backend and DB. You can make it scalable by putting the API behind a VIP and load balance with something like HAProxy/Nginx.

Hosting server and client app on different server or on same server?

I am working on a learning project. I have build an authentication system in nodejs using local and Google strategy. Front end is a react app. There are two options for hosting
Deploy front end on static hosting providers like netlify or github pages and backend node app to heroku.
Deploy both backend and front end on heroku with front end code in the public folder and use express.static('public')
I am confused about both these approaches and could not find the answer on the internet. It will be a lot of help if you can explain the pros and cons of both the method and which one is suitable in what conditions. Links to the articles are also appreciated. Thank you in advance.
First approach
Pros:
Static content served from a different server has more optimization potential (using S3/CloudFront edge caching), nginx is blazingly fast for serving static files
Less network traffic on one server (content can be served from multiple points in parallel)
The nodejs application doesn't have to "waste" time serving static files that never change as has more time for actual dynamic content
Cons
Needs more configuration, since it's running on a different origin (dealing with CORS, appropriate security settings)
Premature optimization
More maintenance
Second approach
Pros:
Easier to deploy
Fast enough in most cases
I can give you an example based on the company I work for. We separate back and front on different servers for security and convenience. We block all ip's from making requests to our backend and only release the ip of the front server. We create specific rules for each server separately and if one of the servers stops for any reason, it does not affect the other one.
But this decision depends a lot on the type of application you develop and also the structure you need for your project. But consider the following: security, maintainability, and convenience.

Best Project Approach in Node JS

I'm new to Node JS development. As an ASP.NET MVC developer, I normally use Repository Design Pattern where I have separate projects for Front-End and Database access in one solution. In addition, when creating a REST api, this can be added to the existing solution. So when publish, it api and front-end is separated by a different route.
I've just created a REST Service in Node JS and it's really simple and I like it. However, when it comes to Front-end I was looking at ReactJS, I've seen a blog (unfortunately, I can't find the link) where it separates the process between the REST service and react front end. I'm just wondering if this is a common design pattern in nodeJS using ReactJS. And if there's a benefit on doing this. Specially nowadays, Full Stack developers are a common thing. I can see the benefit of it from a maintenance stand point but I'm just wondering if there's a benefit in terms of server resources i.e. memory, cpu. Should the OS handle 1 vs 2 nodejs process? Will this differ from using linux vs windows?
I see a huge benefit of separating the frontend from the backend so I would propose you to have your Node backend running in its own project and let's say a React solution running on its own. The React client can then consume that API together with other APIs later. By separating you have the benefit of scaling later.
If you've already built the REST service in node, you can access it via proxy in the React project's package.json by adding
"proxy": "http://127.0.0.1:5001/"
It helps manage CORS issues.

What is the main purpose of NodeJS internal HTTP Web Server?

I'm currently learning NodeJS and pretty excited about it.
But here is one thing that I am unsure and need help about.
As we know that NodeJS has its own internal http web server and we can simply create using http.createServer() method.
My questions are:
Is the internal http web server that NodeJS has, meant to replace similar http web server like Apache or Nginx?
If I need to create enterprise-scale application, does NodeJS internal web service capable of doing this? Or do I need to still use Apache/Nginx?
Please help. Thank you.
Adrian
node.js does not require a web server the likes of Apache or nginx, it is its own web server.
Walmart has used node for, in their words, "end-to-end javascript"... that is certainly enterprise-scale, though they don't explicitly say they're relying on http.createServer, end-to-end javascript would eliminate Apache or nginx and I doubt they've developed some exotic solution (though socket.io is a possibility)... generally speaking if you're using node on the web, you're using the built in web server in at least some capacity.
There perhaps is some benefit to using nginx as a reverse-proxy/static file server on the front end. If I were designing my "perfect system" I'd probably do that, but I'd still be passing back requests to the built in web server in node.
You don't need to use Apache or Nginx with node.js, but in practice, its probably a good idea.
Basically, Apache would sit in front of your node.js, and relay requests to and from your node app, using something like mod_rewrite.
The node http server module is great for firing up quick applications, but if you need things like SSL, complex mod_rewrites, directory security, detailed logs etc (ie all the stuff you would need in a commercial application), you need (or at least, its easier) to use Apache or Nginx in front of node.

Can we say node.js is a web server?

I found that I am confusing between web framework and web server.
Apache is a web server.
Tornado is a web server written in Python.
Nginx is a web server written in C
Zend is a web framework in php
Flask/Bottle is a web framework in Python
RoR is a web framework written in Ruby
Express is a web framework written in JS under Node.JS
Can we say node.js is a web server??? I am so confused between web server/ framework.
If somehow node.js is kind of webserver, not webframework (Express does), why do we need to put the whole node.js on top of Nginx server in useful practice??
Question on SO
Who can help???
Kit
Web server
Web server can refer to either the hardware (the computer) or the
software (the computer application) that helps to deliver content that
can be accessed through the Internet.1
The primary function of a web server is to deliver web pages on the
request to clients. This means delivery of HTML documents and any
additional content that may be included by a document, such as images,
style sheets and scripts.
A web server is the basic to delivering requests/pagess to the clients/user on the internet
Web framework
A web application framework is a software framework that is designed
to support the development of dynamic websites, web applications and
web services. The framework aims to alleviate the overhead associated
with common activities performed in Web development. For example, many
frameworks provide libraries for database access, templating
frameworks and session management, and they often promote code reuse.
A web framework uses a webserver to deliver the requests to client, but it is not the web server.
Node.js
Node.js is a platform built on Chrome's JavaScript runtime for easily
building fast, scalable network applications. Node.js uses an
event-driven, non-blocking I/O model that makes it lightweight and
efficient, perfect for data-intensive real-time applications that run
across distributed devices.
But then again you can also create CLI apps so I think you should see it more as a platform to write javascript programs to run on your server(computer) using Javascript programming language instead of just in the browser as in the beginning. I think you could see it as Javascript++ ??
You can also write web server with node.js as you can see on the front page of node.js. In the beginning Ryan said you could put Nginx in front of node.js because of the stabilty of the project. The project was and still is pretty young. Nginx is a proven web server that will keep on running while node.js can crash. Then again a lot of user just use node.js for that.
I would say Node.js is a Runtime Environment or a Runtime Engine.
Probably the best definition I have found so far comes from an article by Rob Gravelle entitled "An Intro to Node.js":
Node.js is part runtime environment and part library for building network applications using server-side JavaScript. It uses Chrome's JavaScript runtime engine to execute JS code directly without the need for the browser sandbox.
Also the PCMAG.COM Encyclopedia provides the following definition of "runtime engine":
Software that certain applications depend on to run in the computer. The runtime engine must be running in the computer in order for the application to execute. It provides common routines and functions that the applications require, and it typically converts the program, which is in an interim, intermediate language, into machine language.
Also the Wikipedia article entitled "Run-time system" declares:
A run-time system (also called runtime system, runtime environment, or just runtime) implements the basic behavior of a computer language, whether the language is a compiled language, interpreted language, embedded domain-specific language, or is invoked via an API as is pthreads.
... A run-time system may implement behavior of tasks such as drawing text on the screen or making an Internet connection. It also typically acts as an abstraction layer that hides the complexity or variations in the services offered by the operating system.
Well, are there any runtime environments (or even software platforms) like Node.js out there? I guess JRE is a good example of such an environment. Node.js and JRE - they have many in common. They all have (a kind of) virtual machine, a class library and a framework to implement many types of applications, including CLI ones.
So, getting back to your question, can we say that Node.js is a web server? Let's change "Node.js" for "JRE" and answer if JRE is a web server. The answer is no.
All that we can say is that Node.js is a runtime environment which one may use to implement a web server. Well, that's my opinion.
Saying node is a webserver is like saying javacript can only run inside a browser, you can say that but it can also do a lot of other things.
NodeJS
[Javascript runtime enviroment(Chrome v8 engine) + Node
Library/APIs]
Can create a web server, can also be described as a
Application server
Express
Web framework (uses nodejs's webserver to serve files)
Nginx
Web server
In production most people use Nginx in front of node server as a proxy server to serve static files and other various elements like caching, routing etc.
I would classify node.js as a server framework, with packages available that can make use of it as an HTTP server, or a WebSocket server, or your own custom protocol, etc.
The reason you might put nginx in front of your node.js server is for HTTP load balancing and reverse proxying across several machines running your server application.
How I feel your pain !
Like many, I found it hard to get to the essence of Node.js because most people only write/talk about the part of Node that they find useful - and the part they find interesting is usually a secondary benefit of Node rather than its primary purpose. I must say that I think it's mad for people to say that Node is just a JavaScript runtime. Node's use of JavaScript - and its selection of the V8 runtime - are simply means to an end, the best tools for the problem that Node's developers wanted to solve.
Node's primary purpose was to make the management of user events in a web app more efficient. So Node is overwhelmingly used on the back end of a web app. Event management demands that something is listening at the server machine for these user events. So a http server must be set up to route each event to its appropriate handler script. Node provides a framework for quickly setting up a server to listen on a dedicated port for user requests. Node uses JavaScript for event handling because JavaScript allows functions to be called as objects. This allows the task to be executed immediately after an asynchronous request (e.g. to a file system, database or network) to be wrapped in a function and referenced as a parameter of the asynchronous request function call.
const mysql = require('mysql2');
const conn = mysql.createConnection(
{
host: "XXXXXXXXXXXXX",
database: "doa_statsbase",
user: "uoalabama_doas",
password: "*************"
});
. . .
. . .
const analyse_bigwheat_farmers = (err, result, fields) =>
{
. . . . .
. . . . .
return data_object;
}
. . .
. . .
let query = "SELECT * FROM us_farmers WHERE acreage > '1000' AND crop='wheat'";
mysql.query(query, (err, result, fields) =>
{
analyse_bigwheat_farmers(err, result, fields);
}
. . .
. . .
. . .
Not many other languages treat functions as objects and those that do may not have an interpreter as efficient as Google's V8 runtime. Most web developers already know JavaScript so there's no additional language learning with Node. What's more, having callback functions allows all user tasks to be put on a single thread without having explicit blocking applied to tasks demanding access to the database or file system. And this is what leads to the superior executional efficiency of Node under heavy concurrent use - the primary purpose for its development.
Today, most Node web applications use callbacks sparingly as JavaScript ES6 introduced the Promise construct in 2015 to handle asynchronous calls more easily and readably.
To help Node users quickly write back end code, Node's developers also organized both a built-in JS library for routine tasks (e.g. matters related to HTTP requests, string (de)coding, streams etc) and the NPM (Node Package Manager) repositary: this is an open source, user-maintained set of script packages for various standard and custom functions. All Node projects allow importation of NPM packages into a project via the established npm install command.
User requests handled via Node will be things needed by the web app like authentication, database querying, content management system (ApostropheCMS, Strapi CMS) updates, etc. All these will be sent to the Node port. (Where analysis of data got from a database is takes a lot of CPU time, this type of process is best put on a separate thread so it doesn't slow simpler user requests.) Other types of user request, e.g. to load another webpage, download CSS/JS/image files, etc, will continue to be sent by the browser to the default ports (typically ports 80 (HTTP) and 443 (HTTPS) on the server machine where the web server program (Apache, NGinx, etc) will handle them in the mode of a traditional website.
[A side note here on request streaming to the server. Since most server machines' firewalls only allow the default ports 80/443 open, it is not usually allowed to directly send a Node.js request with another port in the URL, e.g. https://mynodeapp.com:3001/fetch-members. If one did, the server machine's firewall would simply ignore it as it directly references an illegal port.
Instead one could apply a URL to the request that has no explicit port number but which contains a virtual folder name that identifies the Node.js app, e.g. https://mynodeapp.com/mynodeapp/fetch-members. Then append some server directive code on the .htaccess file like:
RewriteEngine On
RewriteRule ^mynodeapp/(.*) https://localhost:3001/$1 [P]
Node.js requests given URLs in this way will thus find their way to the Node.js server for that web app via the nominated ports for the Node application, i.e. 3001 in the example here.]
So, in practice, Node is principally a framework for rapid server-creation and event-handling but one that replaces only some of the functions of the web server program.
Other non-backend uses of Node simply exploit one or other of its features, e.g. the JavaScript V8 engine. For example, the frontend build tools Grunt and Gulp use a frontend Node.js app to process a build script that can be coded to convert SASS to CSS, minify CSS/JS files, optimize image size or image loading, generate page-state HTML files for refreshing page-states in a single page application site, etc. But this sort of work is really just a by-product use of Node and not its principal use which is for making efficient backend processes for modern web applications.
Web server is something that serves its clients through internet over protocols and Web Framework is something like which we call as compiler. It consists of all the required libraries, syntax rules, etc.
And node.js is a framework!!
I think the problem is that the terminology of "web server" or "web application server" is dominated by the JEE world, and products, that are not as modularized as today's Javascript world of frameworks, which in turn can be combined more or less freely.
I see no reason why a technology, that can serve complex applications over the web, should not be called a web server, or web application server!
If you combine, let's say Nuxt as a frontend, with Feathers as a backend - you'll have a backend serving a REST API and a server-side rendered UI!
Of course, you could (mis)use that to serve static content - then I'd call it a web server, or you could use it to make and serve a full application - then I'd call it a web application server.
It's the combined features or qualities that sum up to serve a purpose - right? - Features like stability, scalability and such are IMHO something that will be added to those technologies, over time. For now, they're pretty new still.
No it's a runtime environment... so it is not a web server yet it does not need one to run. So probably this is why it could be confusing. It can run standalone without needing any webserver because it is a runtime itself but again it is not a webserver.
I just used Node.js for the first time to create a Discord bot. My thought was "Wow, Node.js is a server? I thought it was a JS library!" Or perhaps I could have thought about it as a framework.
Is it a web server? No but you can make one with it.
Is it a server? As in the software that receives queries and serves the result? Yes.
In my case, I have issued the command:
node index.js
And now Node.js is waiting for requests to respond to (via my bot). It's a server, but it isn't serving web pages.
Although Nodejs is treated as a pretty cool, lightweight runtime environment and consists an awesome package manager called npm in node ecosystem. You can spin up a REST API, web application server using express framework which serves to a dedicated port. And it primarily required no web server on top of it.
whereas web server's main agenda is to serve as layer 7 loadbalancer and proxy server. According to Industry Standard most commonly used web server is nginx due to reliability. Although you can configure a http proxy server using node libraries and express framework.

Resources