Facebook like notifications with node - node.js

I kept searching for a tutorial that explains the logic behind facebook notifications (or any similar notifications system) and I couldn't really find any that approach this.
I mean those notifications with a dropdown that say "X commented on your picture" and so on.
How would you guys build such a feature with node? (socket.io?) What would you store in the database? If someone can give me some references would be great.

I never did a notification system to be honest, but as far as I know, yes, sockets (and for node specifically, socket.io, it's the only one I know) can allow you to do that easily, you should look at their basic documentation to learn more about it and understand how it can be done, and yes you can at the same time as notifying the user about the like, store it in a database for further reference, you can store the time, the profile who liked the post, the ID of the post, this kind of things.
Hope I'm clear and that you will find socket.io documentation easy enough to build your notification system!

Related

How do I know when to trigger a Server-Sent-Event?

What I want to do
I'd like to use Server-Sent-Events for notifications and another feature – I don't need to go into detail for the other feature, but it requires real-time updates taken from a database just like notifications do.
Possible alternatives
Websockets would be an option, but I think it might be a bit too much, as I only require a one-way channel for this. However I'm totally aware that I might be wrong here and Websockets could be the best option – feel free to school me on this. The current backend-setup is Node.js (Express.js webserver) with MongoDB.
Approaches I've seen so far
I've already seen some approaches on this matter, but the main issue here is that I'd like it to be as scalable as possible. Having a for-Loop constantly query my database is the worst approach I've seen so far. The best approach I've seen is observing the MongoDB oplog, but that one seemed a bit like a hack to me rather than a good, solid solution.
I posted a link to this question on reddit in the subreddit r/node where the user /u/PremJyotish221 told me to use Redis with PUB/SUB, and let me tell you... it works perfectly! :)
So to anyone stumbling over this with the same problem, I can absolutely recommend it. It's fast, easy, reliable, and scalable.

Create a REST-ful api in Node.js for notifications

I'm a newbie in Node.js and after doing initial learning on Node.js, I find it rather confusing to find out any best practices. My project requires to build a real-time notification system such that, when something happens at the server side or any of the connected clients, a notification can pop up at all connected clients. I couldn't find any official recommendations on what's the best approach and tools to take. I saw there are various frameworks written in Node.js seem able to do the job, but I'm hoping some one can give me some direction.
Thank you in advance.
Start with Angularfire if you want to code less.
You can create real-time apps without a backend part like so: https://github.com/tastejs/todomvc/blob/master/examples/firebase-angular/js/app.js
Note, this is a Q&A site. Ask a question next time. "Please direct me" is not allowed to ask here.

How to make chat app with maintain the chat history in Mobile php+nodeJS+socketIO+AppGyver

I'm thinking to do Chat application in AppGyver. For now I have chat app on web with NodeJS and SocketIO, messages are store in MySQL. I was thinking how to keep on phone messages history like whatsapp.
The first thing that came to mind is that i store messages in SQLite on phone. But now bothering me the following problem, how to refresh the changes that were made while the user was not online? Perhaps to make a new table in MySQL which would contain changes made while the user is offline.
For keeping the changes involves information about the deleted conversations, deleted or added messages.
The second thing that came to mind is that all the data which get from the server, to keep as json files. However, it is difficult to carry out the changes that have made while the user was not online. At every refreshment need to open all files, then find the appropriate value and make the change.
Which of these methods would you choose, or you may have a better solution?
I wonder if someone has done something similar and whether there might be a better solutions than mine?
Best regards.

Security in Play 2.2.x

I'm trying to secure my play application but I have no idea where to start. In play tutorial I have not found any chapter about that topic. As far as I see security topic is changing between play versions. So what are You guys using to secure Yours applications.
I'm new in Play so please forgive me if I'm asking obvious questions.
Edit:
Ok, maby question was't clear enough(I'm really sorry about that). When talking about security I mean that I need something to deal with users credentials and tool which allows me to restrict access to some pages and eventually to some rest actions in my application.
Edit2:
I'll try deadbolt2 now and we'll see how does it works. But I still encurage You guys to share Your knowledge about Play security with others:)
The documentation seems to still be a bit lacklustre on this topic, but essentially, authentication/authorisation functionality is usually performed using Action composition, which is the basis of reusable controller code in Play. There an example here (also linked from the docs that should help give you the general idea.)
Action composition in Play 2.2.x is done using ActionBuilders. These take a block which accepts a request and returns a Future[SimpleResult]. This allows the action builder to either execute the given block, or return a different Future[SimpleResult] (say, an Unauthorized in the case that a user's credentials did not check out.)
In our app we use the Play2-auth module for handling authentication with session cookies. This has (just) been updated to work with Play 2.2.x but uses a slightly different mechanism for action composition (stackable controllers.) You might be best off working out how the precise functionality you need can be accomplished just using the native framework tools before adding a dependency to it.
I agree with the other answers but just add that I use securesocial to integrate with other auth providers (google, FB, etc...), so I don't have to do auth myself. It's quite easy to get up and running.
https://github.com/jaliss/securesocial
Access control, security, etc. is a very wide topic, because it means very different things depending on context. This may be one of the reasons why Play has little documentation for it, which puzzled me at the beginning as well.
Play2 has some security helpers, namely it's the Authenticated method, for some insights on how to use it, check the comments in the source code. Its a simple method that you could implement yourself, and most do. It, essentially, just proposes a structure for where to place your methods that would check if request is authenticated and what to do if it's not.
Play2 also has some cryptography logic, which is used for signing cookies.
That's about it, you don't have any more pre-built security structures, but that's a good thing, because you don't want the framework making decisions like that for you, if it doesn't know in what context it will be used.
What is essential is to go and research how attacks relevant to your application are carried out, best practices and so on. I recommend going to OWASP, particularly the OWASP Cheat Sheets. If the list of Cheat Sheets seems intimidating start with the OWASP Top Ten Cheat Sheet. Don't mind the large volume of information, it's very useful knowledge.

Creating session mechanism with core nodejs

I am trying to create a complete session managment in nodejs for logins, chat sessions etc.
I googled a lot and every solution that i got was with some framework/module. I don't want to use any module/framework. I would rather like to build my own solution for this:
So this is the plan:
I will set a session cookie on the client machine (yet to figure out how)
For each cookie, i will be maintaining a unique id in the database instead of files as is the case with php (i am using mongodb)
When a user opens the application, a cookie will be set, a entry will be made in database and corresponding information from the db will be fetched.
I am yet to lay a concrete plan for this. I wanted to know whether doing it this way is a good idea? i read somewhere....'Real men don't use any framework. They make everything on their own' :P
Please correct me if i am on a wrong direction. M just starting with these things....
I'm not aware of any node.js frameworks that are closed-source. Just pick one that seems to do what you want to do, download it, and study the source code to see how the developer implemented it. Then come up with your (perceived) improvement on how they did it. You'll probably find that implementing session management involves a whole bunch of nitpicky details that were never obvious to you.
Ignore all the above advice if this is a school assignment where you're not allowed to look at related code. If that's the case, I pity you because you have an incompetent teacher.

Resources