Building a Simple Searchable API with Express (Backend)

Express is still one of the most prominent server-side frameworks for Node. This little guide will show you how to build a simple API and connect it with your frontend framework of choice.

If you’re trying to build a site that features a list of items, stores, products or similar on your front page, read on. Examples of this could be sites like producthunt.com or the Google Play Store.


Express, Passport and JSON Web Token (jwt) Authentication for Beginners

This post is about setting up authentication with JSON Web Tokens for your project, presumably an API that's going to be used by Angular, Vue.js or similar frontend frameworks. We're going to send the JWT with every request, meaning that we don't rely on sessions, but simply put the token on every request we make to the API. This way you don't have to worry about cookies, and you can save the token in localStorage or other places on the frontend.

In essence this tutorial will go through:

  • creating a /login route to acquire a token
  • creating a /secret route that is only available to logged-in users with a JSON Web Token

If you’re curious about the final result and don’t want the step-by-step guide, check out the final jwt express gist.


How to: enable CORS in express.js (node.js)

Express.js is one of the most popular node.js frameworks for serving websites or building APIs. This article is about how to enable Cross-Origin Resource Sharing, also known as CORS. For that we need to set the correct headers in the response, which allow a browser to make use of the data from any domain.


CigTrack Day #6: Security and bcrypt

I’m a fan of improvisation, duct tape and hacking things into what you want them to do speedily and without a lot of testing. One of the areas where I wouldn’t follow this approach is security.

Security is something many companies don’t take seriously. Their servers get broken into, all their users’ data is stolen, leaked, etc. Not cool.

This is not because security is impossible, it’s because it’s just often ignored and can be expensive. Nothing is unbreakable, but in my opinion it’s worth at least making an effort towards “hard to break”.

Poet – a node.js blogging platform

Poet is a great little node.js based project that allows you to start a blog in no time.

TL;DR: Put a bunch of Markdown files in a folder and it’s available as a blog to the rest of the world. I just started a new project for JavaScript and I of course wanted to run it on JavaScript, even before Ghost was released, so I went with Poet.

The description of the project by the author made me smile, so I’ll just quickly share this quote: