Validate Form Submissions In Node.js With Google reCAPTCHA

Anyone that operates a website or web application with a contact page knows how bad the SPAM problem on the internet is. Spammers, phishers, and other malicious people create bots that will crawl search engines for contact forms and send emails to the hosts, register accounts, or something else. There was a point in time that I was receiving more than ten emails a day from spammers that wanted to redesign my website. This kind of activity is incredibly annoying on my inbox.

This is where CAPTCHA and reCAPTCHA form elements come into play. These elements typically require some interaction such as typing words from an image or solving a math problem. Adding this small amount of form complexity can go a long way towards stopping bots.

We're going to see how to hook up a Google reCAPTCHA element into a client facing form and validate that element using a Node.js backend.

Implement 2FA With Time-Based One-Time Passwords In A Node.js API

Not too long ago I wrote about authenticating within a Node.js API using Json Web Tokens (JWT). The basis of the example is around authenticating via a username and password and receiving a JWT for every future request against the API. While that example is incredibly useful and follows best practice, it doesn't cover the scenario where you'd like to have a two-factor authentication (2FA) option for your users. In case you're unfamiliar, 2FA is a second layer of protection for accounts made possible by a time-based token generated by a shared secret key.

We're going to see how to add a two-factor authentication option to our Node.js API while continuing to use Json Web Tokens.

JWT Authentication In A Node.js Powered API

When it comes to API development, there is often a need to protect certain endpoints or rate-limit the API in general.  Because you are working with endpoints from clients possibly on a different domain, you can't authenticate users with sessions and cookies.  It would also be a bad idea to pass around a username and password with each request.  Typically endpoints are protected with tokens that are passed with each request and these tokens are often JSON Web Tokens (JWT) that work very well.

We're going to see how to create a very simple API using Node.js with protected endpoints that require a valid JWT in order for requests to succeed.

JavaScript Libraries In A TypeScript Application, Revisited

If you haven’t already gotten involved with it, you’ll probably know that TypeScript is becoming increasingly popular.  Being able to use a superset of JavaScript in a typed language that compiles down to JavaScript is a great thing.  However, if you’ve ever played around with TypeScript and tried to use JavaScript libraries, you’ll probably know that sometimes it can be a real pain.  Often JavaScript libraries do not ship with type definitions which are critical when it comes to playing nice with TypeScript.

If you’ve been keeping up with The Polyglot Developer you’ll probably remember two posts that were created.  Previously I had written about including external JavaScript libraries in an Angular application as well as adding type definitions to external JavaScript libraries in TypeScript.

We’re going to revisit these two articles and explore all the ways to include JavaScript libraries in TypeScript applications.  These include applications built with NativeScript, Ionic, and Angular.

(more…)

Upload Files To A Minio Object Storage Cloud With Node.js And Multer

The recent Amazon S3 outage that took down much of the internet inspired me to talk about alternatives.  Not too long ago I wrote about an open source object storage software called Minio and how I was using it on my Raspberry Pi for backups.  The great thing about Minio is it shares the same APIs as AWS S3, but can be deployed to your own hardware, eliminating Amazon as a dependency.

This time around I thought it would be great to share how to use Minio as an object storage for a Node.js application that uses the middleware, Multer, for handling file uploads.

(more…)

Why RxJS Is The Hottest Way To Handle Async

Observables. Native To The Web Platform?

One of the common misconceptions in the web world is that RxJS is an “Angular 2 thing”.

What most developers don’t realize is that Observables are on their way to becoming native to the web, and if you aren’t already using them to handle asynchrony, you are not adequately preparing yourself for the future.

The Best Way To Handle Asynchrony

RxJS allows you to solve hard problems with less code, promotes maintainability, readability, flexibility, and composability. These are just some of the reasons RxJS is the hottest way to handle async right now.

Learning how to handle asynchrony the reactive way instead of using promises and callbacks will also greatly reduce the probability that you are leaking resources. And because RxJS works with any framework (angular.js, react.js, ember.js, vue.js), node, and even without frameworks, it’s easy to future proof your applications and have confidence in using this technology.

(more…)

TPDP Episode #9: An Ember In The Land Of Web Frameworks

We’re nearing the end of 2016 and there are many JavaScript frameworks available to choose from, with more on the way.  Each framework offers a unique perspective of front-end development that can be very attractive to solo developers or development teams.  This brings us to a very popular JavaScript framework called Ember.js.  In this episode of The Polyglot Developer Podcast, I have guest speakers Tracy Lee and Taras Mankovski, who are both Ember experts.

Tracy Lee is a very successful JavaScript developer who sold her start-up and now focuses on her web organization Modern Web, which educates people on different development technologies.  Taras Mankovski runs a very popular consulting business called Ember Sherpa which also educates businesses on the Ember.js framework.  In the ninth episode of this podcast, An Ember in the Land of Web Frameworks, we explore Ember and the conveniences it offers in the realm of JavaScript and front-end development.  This exploration includes tooling and comparisons against other popular frameworks like React and Angular.

(more…)

Use Mozilla’s LocalForage For Key-Value Storage In Ionic Framework

A few years ago I wrote an article called Use ngStorage for all Your AngularJS Local Storage Needs, which was intended to be for AngularJS in general.  However, I understand many readers were using it in their hybrid Apache Cordova or Ionic Framework applications.  There is nothing wrong with this.  However, ngStorage is a wrapper for HTML5 local storage which is known to have compatibility issues under certain circumstances.  That said, came across localForage, a library by Mozilla, which claims to be a wrapper for local storage, WebSQL, and IndexedDB, offering maximum compatibility.

We’re going to take a look at including localForage in an Ionic Framework Android and iOS application for storing data.

(more…)

Test Amazon Alexa Skills Offline With Mocha And Chai For Node.js

By now you’re probably aware that I’m all about Amazon Alexa skills since I’m a proud owner of an Amazon Echo.  I had released a Alexa skill called BART Control and published a guide on creating a simple skill with Node.js and Lambda.  If you went through my Node.js and Lambda guide you probably found it pretty painful to test the skill you were working on.  The constant building and uploading to Lambda could easily get out of control.  What if I told you there was a much simpler way that could save you a ton of time?

We’re going to take a look at adding test cases for testing an Alexa skill offline without ever having to upload the skill to Lambda.

(more…)

TPDP Episode #8: Asynchronous and Event-Based Programming with RxJS

When it comes to modern JavaScript development, there are a few different ways to handle asynchronous events or data.  You could use promises and callbacks, but as great as they are, present certain limitations.  This is where RxJS comes into play with its reactive programming model.  In this episode of The Polyglot Developer Podcast, guest speaker Ben Lesh and I discuss RxJS and where it fits in modern JavaScript development, whether it be server-side or front-end.

Ben Lesh is a senior software engineer at the very popular entertainment streaming company, Netflix.  One of Ben’s projects at Netflix includes the development and maintenance of RxJS since it is heavily used by the company.  In the eighth episode, Asynchronous and Event-Based Programming with RxJS we discuss everything from what is RxJS, how it was inspired, who is using it, and why you should use it over a few of the alternative methods.  If you’ve ever heard of RxJava or Rx.NET, these projects share some similarities to RxJS.

(more…)