Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
It's been a while since I'm looking for a Node.js package to provide a clean (but customizable) admin interface to perform CRUD actions on a MongoDB database in a structured manner (allowing trusted users edit their data involving automatic form validation, considering relationships between models, etc).
It's true it can always be used 3rd party tools to achieve this purpose (like the Django Admin interface or Rails Admin).
But I was wondering if there's an already made solution out there running on top of Node.js.
Does anyone know a solution of this kind?
Note that I'm NOT looking for an interface to access databases, like phpmyadmin or mongoose-admin.
https://github.com/jedireza/drywall
This seems promising as a good start to an admin panel.
Have a look on this link:
https://github.com/wearefractal/smog
... it is a straightforward tool to admin mongoDB from webUI.
it looks pretty good, and may be in near future User based management will be added, but you can extend this to support the features you need.
UPDATE
smog is no longer supported, instead have a look into MongoTron
If your Node.js app exposes a RESTful API, ng-admin is a good solution.
Disclaimer: we built it.
We've used http://keystonejs.com/ for creating admin UIs.
We are using Formage (https://github.com/Empeeric/formage) as an admin addon and so far it has worked well for our basic needs. It is a fork from Mongoose-admin.
Check penguin: a module that automatically generates administration pages based on your Mongoose models.
I'm using https://npmjs.org/package/mongo-express if you're used to bootstrap you might enjoy it too.
You could take a look at AllcountJS. It's actually not a admin UI tool but rather a framework for rapid business application development. It builds auto-generated UI (grids, forms, etc.) from domain model descriptions in JSON-like format. Provides built-in security and user management. Supports view customization and theming (see extending docs). If you're already using Express in your application you could integrate them to run in single Node.js instance.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
Is node.js is only for real time applications like chat or multiplayer games? I know little bit of PHP, Python and ASP.
But I love JS the most. But I am interested in building particular type of application such as-
Content based app (like CMS, forums or community sites)
Utility tools (web2pdf converter, image editing or other frequently used tools)
Business tools (SEO analysis tools etc)
Is node.js only for real time applications??
Edit 0- Can you please give examples of node apps other than real time applications
Edit 1 : can node be used for IO operations or serve static pages over http. Isn't it just another web technology like PHP or ASP.NET
Edit 2 : What can node do that PHP can't. Also anything that PHP can and Node can't.
Node.js is useful for any application that does not involve CPU-bound work.
Node.js is basically just javascript, including the asynchronous aspect of javascript, running outside of the browser. The basic framework it comes with allows you to setup a server really easily, and that's what most people use it for, although it can do most things any other server side language can do (File IO, Networking, Multithreading, etc).
Node.js can be used for most applications, as it's expandable via modules, and has a great developer community. You can see the different companies who use it at http://nodejs.org/industry/.
Some great tutorials can be found by Googling node + the type of project you want to build and you can also find a list of resources in the Readme of their github https://github.com/joyent/node. After you feel comfortable with node, then browse some github node.js repositories, and figure out which modules you want to work with to make your project. Then keep learning!
Javascript is a great language, and node.js is an awesome technology. Good luck!
Node.js is farmost, one of the best technology of its kind. You can build anything out of Node.js, scaling from realtime applications to normal websites. But what makes Node.js standalone from crowd, is its way of handling users request and response. In simple term Node.js come into play when there is lods and lods of traffic coming into your website.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
I'm new to ExpressJS. I want to create API's for my service which will be consumed directly by other servers and also a part of it by mobile apps/browsers. I just discovered Restify, Node-PerfectAPI, Node-APIServer and I don't know what the differences are.
Can someone kindly elaborate on the differences of each framework and the advantages/disadvantages.
Why would one choose Express/NodeJS vs. Other Frameworks for creating API'S?
Disclaimer: I am the author of node-perfectapi.
The focus of perfectapi is to make it simple for the developer to go from start to production-ready. It is more abstracted than node-restify. The impact of that is you have less flexibility in the design of your API, but at the same time, you should be able to get something production-ready much quicker, with less expertise.
Both restify and perfectapi have comparable performance.
The links in this answer go to pages that highlight the benefits of each solution.
I'm also working on a similar issue. One of the main difference that may interest you is the performance. I just found a blog post from the developer of "perfect-api" comparing his framework to the 2 others. http://blog.perfectapi.com/2012/benchmarking-apis-using-perfectapi-vs-express.js-vs-restify.js/
A comment states that Restify is doing much better now.
From my (limited) experience, I would say that express.js is easier to use than Restify and provides some nice tools as connect.js which is exposed. For example, this will avoid you the pain of writing a static file server even thought Connect can still be integrated with Restify.
On the other hand, Restify will make some common API tasks much easier. For example, it provides a throttle engine along with an API conversioning system which is really necessary in an environment where you deal with clients you do not control.
You should also consider https://npmjs.org/package/hapi
It looks very promising. There's a talk about the framework in https://www.youtube.com/watch?v=Recv7vR8ZlA where the main contributor to hapi talks about what makes an API framework tick.
If you go to node-perfectapi in github you'll see this message in the readme:
"I am not currently maintaining this package. You should probably look for another tool for what you need."
Therefore I conclude you are better off using restify since this is actively maintained.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
Background: I am working on a proposal for a PHP/web-based P2P replication layer for PDO databases. My vision is that someone with a need to crowd-source data sets up this software on a web server, hooks it up to their preferred db platform, and then writes a web app around it to add/edit/delete data locally. Other parties, if they wish, may set up a similar thing - with their own web apps written around it - and set up data-sharing agreements with one or more peers. In the general case, changes made to one database are written to another on a versioned basis, such that they eventually flow around the whole network.
Someone has asked me why I'm not using CouchDB, since it has bi-directional replication and record versioning offered as standard. I wasn't aware of these capabilities, so this turns out to be an excellent question! It occurs to me, if this facility is already available, are there any existing examples of server-to-server replication between separate groups? I've done a great deal of hunting and not found anything.
(I suppose what I am looking for is examples of "group-sourcing": give groups a means to access a shared dataset locally, plus the benefits of critical mass they would be unable to build individually, whilst avoiding the political ownership/control problems associated with the traditional centralised model.)
You might want to check out http://refuge.io/
It is built around couchdb, but more specifically to form peer groups.
Also, here is a couchbase sponsored case study of replication between various groups
http://site.couchio.couchone.com/case-study-assay-depot
This can be achived on standard couchdb installs.
Hope that gives you a start.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 8 years ago.
Improve this question
We are developing a web application using Spring framework and Hibernate ORM. As far as application security is concerned we are using acegi to provide authentication and authorization support.
Now about user input sanitation, we have tried to take take care about attacks like XSS and sql injections. We have tried to use as much as prepared statements and hibernate criteria for database updates and queries. Inputs are sanitized for javascript also.
For testing these we have tried to use tools like Firebug, Tamper IEand Fiddler2 etc.
We have also used tools like Watch Mouse to do vulnerability tests.
What are the other tools available for web application security and what are the things to be considered before starting a web applications security testing.
Thanks you
HP has a security assessment tool called Webinspect, but it not free and I wouldn't recommend it. Either my company doesn't know how to use it, or the tool has no consistency in finding vulnerabilities.
You're better off hiring an actual pen-testing contracting agency to look for vulnerabilities in your site. Sure, you could run automated scanners, but they can only do so much. You'll probably waste more money and resources attempting to learn and implement proper pen testing then you would just hiring someone else to do it.
The fact that you're asking this question means that you are not qualified to give the kind of confidence or complete coverage a commercial application would need before launch.
You can use AppScan, but its not free.
Burpsuite is an amazing tool for web application testing.
I do agree with hiring an outside team however, but if your company cannot/will-not, put a weekend into getting familiar with BurpSuite and you will undoubtedly find some bugs.
I agree with those who have encouraged you to look to an outside pen testing firm, if you want the best results now.
That said, one of the best all-around web app pen testing tools I have used is Burp Suite (portswigger.net). There is a free version that gives you most of the functionality, but investing $400 in the Pro version, which adds a vulnerability scanner and the ability to save state, is well worth it.
In addition, you should become very familiar with the OWASP organization (owasp.org), and the information/tools they make available for web app security. The Cheat Sheets and the Testing Guides can be very helpful, if you know how to use them.
Finally, if you are determined to build up your own application security team, then you should consider hiring some folks with extensive application security experience as well as a background in software development. There is more to application security than security testing. Static security code analysis and threat modeling are just two of the other areas you should be thinking about.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 3 years ago.
Improve this question
There's a project which we're doing for the govt which necessisiates the use of a workflow system. I'm looking for advice on what software systems we can use (either commercial or open source / freeware) with appropriate customizations.
Steps:
0. We monitor a certain site for "notifications". Whenever a notification is posted, this is what happens for each notification.
1. A team of 2-3 people (our employees) have to examine the document, examine whether we need to act on it. One person examines it, the other reviews the first's decision/action.
2. If we need to act on it, one of them needs to prepare a sort of summary document for outside experts. Again, another person (not the writer) needs to review it.
3. This document needs to be sent to outside experts (emailed in most cases, but also via postal mail). A database of experts and their specialities needs to be maintained.
4. A system of keeping track of which document went to whom and when needs to be maintained.
5. Responses will be received from the outside-experts (electronically and postal). The system needs to keep track of from whom we did NOT receive responses, so that we can remind them.
6. Once all responses have been collated, the company employees need to prepare a report which needs to be approved by a supervisor before it can be sent out to the govt.
I understand that a number of tools would be required and/or extensive customizations. That's fine - looking for inputs on all these aspects.
Steve!
If you already define a fixed workflow process, you can develop the workflow with Windows Workflow Foundation, or hire a developer to do it for you.
If you prefer a customizable workflow product, K2 (http://www.k2.com/) is a good option.
Are you using SharePoint or not?
In that case have a look at BlackPoint and Nintex.
Both will give you lots of workflow options based on SharePoint. If I interpret your requirements correctly these packages should be able to implement them all without coding.
I would advocate Nintex Workflow since I have positive experience working with it. Installation and initial configuration is quite easy although features are impressive. It also built is a way that end users can build their own flows, it's fairly easy to do. Also you can build more complex flows, create custom actions and use the web services SDK to access the activities/perform actions from the outside of the SharePoint - I used it from InfoPath and Silverlight forms.
A good commercial option would be PNMsoft's Sequence.