Async Special:
Hapi.js Workshop - Post Event Update:

This document covers code example updates since the event and answers some questions I did not have time to cover.

Code update to Hapi v0.8.x

All the examples we used during the workshop are now in Hapi v0.8.x as promised. You can find them at: https://github.com/glennjones/hapi-workshop. The Hapi team always provide clear release notes with all the breaking changes i.e. https://github.com/hapijs/hapi/issues/2186. In this case the main impact to our code was on how plug-ins are registered.

Bookmark-api architecture changes

There were a number of comments made about the architecture of the example code, which I have tried to address. I have updated the example with the following:

  • Shared database connection, built as a singleton
  • Configuration manager, built as a singleton that allows for different environment settings
  • Uses of module.exports

I am going to keep updating this example making it more sophisticated over the next few months. If you’re interested please watch the repo to keep updated.

Singleton’s and database connections

During the workshop a number of people asked about different patterns to share the database connection when using Hapi. The way I originally passed a reference was not the most elegant solution. So I have created two example projects to show the different approaches. The "shared database connection" using a singleton is my favoured approach. Someone refactored the code on the day to use a pattern like this. The hapi-mongodb plug-in is also a good solution, but does not provide the same level of abstraction for larger projects.

Using module.exports

In the original code there were some sloppy uses of exports which meant I had references to objects in modules such as server.route(Routes.routes);. I have now corrected this by using module.exports in the routes.js.

Middleware and Hapi server.ext

Hapi does not have the concept of middleware like Express. In the blog post http://hueniverse.com/2012/12/20/hapi-a-prologue/ Eran Hammer wrote about some of the reasons his team found middleware in Express to be problematic and why it’s not in Hapi. That said if you are looking for some way of adding functionally during the request flow Hapi does have server.ext. I have written a small example of adding X-API-VERSION headers to every request. I would recommend wrapping server.ext based functionally into plug-ins.

Using server.inject within your app

At the end of the workshop Remy Sharp asked me about using server.inject from within the app to access functionality. If you remember server.inject simulating an incoming HTTP request without making an actual connection. This would give you exactly the same functionality internally as someone making a HTTP request from outside your app. Although this approach is good for features like testing and grouping multiple requests together, it can add a bit of complexity. You may have to create HTTP like security context to authenticate a request. You should also consider accessing the functionality directly from the model/data access layer of the app as an alternative to using server.inject. If you do want to use server.inject this way, take a look at how it is used in https://github.com/hapijs/bassmaster

If you want to create one project as both a web based API and a module for reuse in other code take a look at my text-autolinker project. The lib/interfaces.js file allows this type of dual use.

Examples of authentication and logging

If you want to learn about using the authentication or logging plug-ins I was showing you in the workshop, I have created a small example project for each.

The importance of HTTPS

While I spent sometime talking to you about how to setup and use bearer tokens and other types of authentication, I ran out of time to add the important message about using HTTPS for your API. Please think carefully about man in the middle attacks and add HTTPS or other encryption to your site. If you do enforce HTTPS please also check it’s configured correctly using sites such as https://www.ssllabs.com/ssltest/