Author: Nic Raboy

TPDP Episode #25: Securing Applications With A Second Factor Of Authentication

March 2, 2019 Nic Raboy

I am pleased to announce that the latest episode of The Polyglot Developer Podcast is now available on pretty much every popular podcast network. This episode, which is episode 25 of the show, is all about two-factor authentication (2FA) and the things you should be familiar with when it comes to implementing it in your web applications.

In this episode titled, Securing Applications with a Second Factor of Authentication, I'm joined by Luke Walker who is a Solutions Architect at Yubico. In case you're unfamiliar, Yubico creates the very popular YubiKey which is often featured on technology news outlets as being an incredible hardware token for protecting users from malicious circumstances.

When it comes to 2FA, there are many approaches. These approaches can consist of SMS, push notifications, time-based one-time passwords, U2F, or even the new FIDO2. If you're interested in learning about each, this episode of the podcast should give you some insight before you try to implement them.

Fix GLIBCXX Errors From Serverless Framework And AWS Lambda

February 27, 2019 Nic Raboy

While I haven't done too much with Serverless Framework and Functions as a Service (Faas) recently, I did in the past and it isn't something that I've forgotten. In the past I demonstrated how to deploy Node.js functions to Amazon Web Services (AWS) Lambda that contain native dependencies. While not a necessity for all Lambda functions, it is for functions that use libraries for specific operating systems and architectures. For example, my previous article titled, Use AWS Lambda and API Gateway with Node.js and Couchbase NoSQL, fell into this situation. Making use of an EC2 instance or a Docker container with Amazon Linux will help most of the time, but there are scenarios where a little bit extra must be done to accomplish the task.

In certain circumstances everything may package and deploy correctly, but still throw errors. For example, a common error is around libstdc++ and a version of GLIBCXX not being found.

In this tutorial we're going to see how to resolve library errors that might not be caught in a typical packaging and deployment scenario with Serverless Framework and AWS Lambda.

Developing A GraphQL API With Node.js And MongoDB

February 25, 2019 Nic Raboy

While REST APIs are amongst the most popular when it comes to client consumption, they are not the only way to consume data and they aren't always the best way. For example, having to deal with many endpoints or endpoints that return massive amounts of data that you don't need are common. This is where GraphQL comes in.

With GraphQL you can query your API in the same sense that you would query a database. You write a query, define the data you want returned, and you get what you requested. Nothing more, nothing less. I actually had the opportunity to interview the co-creator of GraphQL on my podcast in an episode titled, GraphQL for API Development, and in that episode we discuss GraphQL at a high level.

You might remember that I wrote a tutorial titled, Getting Started with GraphQL Development Using Node.js which focused on mock data and no database. This time around we're going to take a look at including MongoDB as our NoSQL data layer.

Developing A RESTful API With Golang And A MongoDB NoSQL Database

June 27, 2019 (Updated) Nic Raboy

If you've been following along, you're probably familiar with my love of Node.js and the Go programming language. Over the past few weeks I've been writing a lot about API development with MongoDB and Node.js, but did you know that MongoDB also has an official SDK for Golang? As of now the SDK is in beta, but at least it exists and is progressing.

The good news is that it isn't difficult to develop with the Go SDK for MongoDB and you can accomplish quite a bit with it.

In this tutorial we're going to take a look at building a simple REST API that leverages the Go SDK for creating data and querying in a MongoDB NoSQL database.

Using Hapi.js, Mongoose, And MongoDB To Build A REST API

February 18, 2019 Nic Raboy

To continue on my trend of MongoDB with Node.js material, I thought it would be a good idea to use one of my favorite Node.js frameworks. Previously I had written about using Express.js with Mongoose, but this time I wanted to evaluate the same tasks using Hapi.js.

In this tutorial we're going to develop a simple RESTful API using Hapi.js, Joi and Mongoose as the backend framework, and MongoDB as the NoSQL database. Rather than just using Hapi.js as a drop in framework replacement, I wanted to improve upon what we had previously seen, by simplifying functions and validating client provided data.

TPDP Episode #24: Mobile Application Security

February 12, 2019 Nic Raboy

I'm pleased to announce that the latest episode of The Polyglot Developer Podcast titled, Mobile Application Security, has been published to iTunes, Pocket Casts, and every other major podcasting network that consumes the feed!

In this episode, which is the 24th episode of the show, I'm joined by first time guest, Rob Lauer, and returning guest TJ VanToll. Both of these guests work for Progress, which is the company behind NativeScript, and you'll remember that episode 5 was strictly around getting to know what NativeScript has to offer. The focus of this episode isn't around NativeScript, but around the security of your mobile applications. Just like with web applications, security is important with mobile, even if it isn't talked about as much.

In this episode you'll learn about protecting your application source code from reverse engineering, protecting your users data at rest, and securely transferring your data between remote web services.

Hash Password Data In MongoDB With Mongoose And Bcrypt

February 11, 2019 Nic Raboy

When creating a web application that handles user information it is a good idea to protect anything considered sensitive rather than storing it as plaintext within a database. The goal is to make it as difficult as possible for a malicious person to obtain access to this sensitive information. Rather than encrypting sensitive information with the knowledge that it can one day become decrypted, it is better to hash this sensitive data instead because hashing is a one-way process.

In this tutorial we're going to take a look at hashing password data with bcryptjs before storing it in a MongoDB NoSQL database with Mongoose and Node.js.