A boilerplate for Node.js web applications based on https://github.com/sahat/hackathon-starter
If you have attended any hackathons in the past, then you know how much time it takes to get a project started: decide on what to build, pick a programming language, pick a web framework, pick a CSS framework. A while later, you might have an initial project up on GitHub and only then can other team members start contributing. Or how about doing something as simple as Sign in with Facebook authentication? You can spend hours on it if you are not familiar with how OAuth 2.0 works.
- Features
- Prerequisites
- Getting Started
- TODO
- 1. Fork Titanium boilerplate
- 2. Install Titanium boilerplate and check if tests pass
- 3. Create page for adding new Lessons
- 4. Create page for adding new Tasks
- 5. Create page to list all Lessons
- 6. Create page for detail view of each Lesson
- 7. Create page for detail view of each Task
- 8. Update main page to represent your Idea
- Project Structure
- List of Packages
- Useful Tools and Resources
- Recommended Design Resources
- Recommended Node.js Libraries
- Recommended Client-side Libraries
- Pro Tips
- FAQ
- How It Works
- Cheatsheets
- Docker
- Obtaining API Keys
- Contributing
- License
- Local Authentication using Email and Password
- OAuth 1.0a Authentication via Twitter
- OAuth 2.0 Authentication via Facebook, Google, GitHub, LinkedIn, Instagram
- Flash notifications
- MVC Project Structure
- Node.js clusters support
- Sass stylesheets (auto-compiled via middleware)
- Bootstrap 3 + Extra Themes
- Contact Form (powered by Mailgun, Sendgrid or Mandrill)
- Account Management
- Gravatar
- Profile Details
- Change Password
- Forgot Password
- Reset Password
- Link multiple OAuth strategies to one account
- Delete Account
- CSRF protection
- API Examples: Facebook, Foursquare, Last.fm, Tumblr, Twitter, Stripe, LinkedIn and more.
- MongoDB
- Node.js 6.0+
- Command Line Tools
- Mac OS X: Xcode (or OS X 10.9+:
xcode-select --install
) - Windows: Visual Studio
- Ubuntu / Linux Mint:
sudo apt-get install build-essential
- Fedora:
sudo dnf groupinstall "Development Tools"
- OpenSUSE:
sudo zypper install --type pattern devel_basis
Note: If you are new to Node or Express, I recommend to watch ask your Mentor
The easiest way to get started is to clone the repository:
# Get the latest snapshot
git clone https://github.com/PovarovDenis/titanium-javascript-hackaton
# Change directory
cd myproject
# Install NPM dependencies
npm install
# Then simply start your app
node app.js
Note: I highly recommend installing Nodemon.
It watches for any changes in your node.js app and automatically restarts the
server. Once installed, instead of node app.js
use nodemon app.js
. It will
save you a lot of time in the long run, because you won't need to manually
restart the server each time you make a small change in code. To install, run
sudo npm install -g nodemon
.
To start work with the team on the Titanium Hackaton first of all you need to fork the repository.
Tasks:
- One of the team members forks repository to his Github account
- That repository owner grants accesses to all team members
- All of the team members has cloned project on their laptops
Readings:
Now you can install all needed dependencies and a Database to run the application.
Successful criteria on this step is: you have working app on localhost:8080
and you DB is ready to store all your data.
Tasks:
- Install all npm packages
- Install and run Mongo DB
- Run the application (
npm run start
) - Check if the tests pass (
npm run test
) - Check if the tests pass (
npm run test
) - Get familiar with the application, in general
Readings:
- Install Node.js with npm
- Install Mongo DB
- Mocha test framework
- Chai assertion library
- Node
process
- Express web framework
In this step you will implement two pages: one simple page Adminpanel and page for adding new Lessons.
First of all you need to add page /admin
where will be just 1 button: Add new Lesson.
On clicking the button user will go to the Lesson form. To add this page you need to add also API endpoint
on server (basic endpoint just to serve the template you'll prepare in /views/admin/admin.pug
)
Lesson form represents page with 2 inputs: one for Lesson name and one for Lesson description.
On API you need to implement API endpoint (request handler) and save new lesson to the DB for the Lesson form.
Tasks:
- Create template using PUG for a new page
/admin/lesson-form
- Input
type="text"
for Lesson name - Input
textarea
for Lesson description
- Input
- Implement API endpoint for new page
/admin/lesson-form
GET
to serve the templatePOST
to save a new Lesson to the Database
Tips:
- add routes to
app.js
- then add templates to
/views/lessons/*.pug
- create new controller
/controllers/lesson.js
for request handlers - add new Collection to the Database and call it
lessons
Readings:
- Project Structure
- How do I create a new page?
- PUG HTML preprocessor
- Add new collection to Mongo
- Insert new document to Mongo
Extra:
- Add functionality to edit lessons (
/admin/lesson-form/edit/:LessonId
)- In this step you also need to add functionality to list all lessons in adminpanel (
/admin
) under button Add new Lesson
- In this step you also need to add functionality to list all lessons in adminpanel (
- Write unit tests for the API endpoints
This step is very similar to the previous one. You'll need to add new button to the Admin page Add new Task. On clicking the button user will go to the Task form. Task form represents page with 3 inputs: one for Task name, one for Task description and one for Task tests. On API you need to implement API endpoint (request handler) and save new lesson to the DB for the Task form.
Tasks:
- Create template using PUG for a new page
/admin/task-form
- Input
type="text"
for Task name - Input
type="text"
for Lesson to which task is related.- Basic option is to use this input as
type="text"
and insert there LessonId manually - Pro option is to use this input as
select
and check Lesson from the list
- Basic option is to use this input as
- Input
textarea
for Task description - Input
textarea
for Task tests
- Input
- Implement API endpoint for new page
/admin/task-form
GET
to serve the templatePOST
to save a new Task to the Database
Tips:
- add routes to
app.js
- then add templates to
/views/tasks/*.pug
- create new controller
/controllers/task.js
for request handlers - add new Collection to the Database and call it
tasks
Readings:
- Project Structure
- How do I create a new page?
- PUG HTML preprocessor
- Add new collection to Mongo
- Insert new document to Mongo
Extra:
- Add functionality to edit tasks (
/admin/task-form/edit/:TaskId
)- In this step you also need to add functionality to list all tasks in adminpanel (
/admin
) under button Add new Task
- In this step you also need to add functionality to list all tasks in adminpanel (
- Write unit tests for the API endpoints
In this step you will implement another page to list all lessons /lessons
(just lesson names)
This is not Admin panel anymore, so make it looks nice and clear.
Tasks:
- Add new API endpoint to serve the template
- Add new template to list all Lessons
In this step you will add a page for detail view each lesson /lesson/:LessonId
On detailed page will be Lesson title, Lesson description and list of Tasks related to the Lesson (just task names).
Tasks:
- Add new API endpoint to serve the template
- Add new template to present one Lesson and list of related Tasks
In this step you will add a page for detail view each task /task/:TaskId
On detailed page will be Task title, Task description and input textarea
to provide the solution.
Also there must be a button Check solution. By clicking on this button will be sent request to our runner API http://78.46.208.140:3031
to check the solution using your tests.
Tasks:
- Add new API endpoint to serve the template
- Add new template to present one Task with input for solutions
- Use our runner API to check the solution provided by user on each attempt
Extra:
- Use AJAX to send requests for checking solution
Update main page to represent your Idea. Everything you want.
Name | Description |
---|---|
config/passport.js | Passport Local and OAuth strategies, plus login middleware. |
controllers/api.js | Controller for /api route and all api examples. |
controllers/contact.js | Controller for contact form. |
controllers/home.js | Controller for home page (index). |
controllers/user.js | Controller for user account management. |
models/User.js | Mongoose schema and model for User. |
public/ | Static assets (fonts, css, js, img). |
public/js/application.js | Specify client-side JavaScript dependencies. |
public/js/main.js | Place your client-side JavaScript here. |
public/css/main.scss | Main stylesheet for your app. |
public/css/themes/default.scss | Some Bootstrap overrides to make it look prettier. |
views/account/ | Templates for login, password reset, signup, profile. |
views/api/ | Templates for API Examples. |
views/partials/flash.pug | Error, info and success flash notifications. |
views/partials/header.pug | Navbar partial template. |
views/partials/footer.pug | Footer partial template. |
views/layout.pug | Base template. |
views/home.pug | Home page template. |
.env.example | Your API keys, tokens, passwords and database URI. |
app.js | The main application file. |
package.json | NPM dependencies. |
package-lock.lock | Contains exact versions of NPM dependencies in package.json. |
Note: There is no preference how you name or structure your views.
You could place all your templates in a top-level views
directory without
having a nested folder structure, if that makes things easier for you.
Just don't forget to update extends ../layout
and corresponding
res.render()
paths in controllers.
Package | Description |
---|---|
async | Utility library that provides asynchronous control flow. |
bcrypt-nodejs | Library for hashing and salting user passwords. |
cheerio | Scrape web pages using jQuery-style syntax. |
clockwork | Clockwork SMS API library. |
connect-mongo | MongoDB session store for Express. |
dotenv | Loads environment variables from .env file. |
express | Node.js web framework. |
body-parser | Express 4 middleware. |
express-session | Express 4 middleware. |
morgan | Express 4 middleware. |
compression | Express 4 middleware. |
errorhandler | Express 4 middleware. |
serve-favicon | Express 4 middleware offering favicon serving and caching. |
express-flash | Provides flash messages for Express. |
express-status-monitor | Reports real-time server metrics for Express. |
express-validator | Easy form validation for Express. |
fbgraph | Facebook Graph API library. |
github | GitHub API library. |
pug (jade) | Template engine for Express. |
lastfm | Last.fm API library. |
instagram-node | Instagram API library. |
lob | Lob API library |
lusca | CSRF middleware. |
mongoose | MongoDB ODM. |
node-foursquare | Foursquare API library. |
node-linkedin | LinkedIn API library. |
node-sass-middleware | Sass middleware compiler. |
nodemailer | Node.js library for sending emails. |
passport | Simple and elegant authentication library for node.js |
passport-facebook | Sign-in with Facebook plugin. |
passport-github | Sign-in with GitHub plugin. |
passport-google-oauth | Sign-in with Google plugin. |
passport-twitter | Sign-in with Twitter plugin. |
passport-instagram | Sign-in with Instagram plugin. |
passport-local | Sign-in with Username and Password plugin. |
passport-linkedin-oauth2 | Sign-in with LinkedIn plugin. |
passport-oauth | Allows you to set up your own OAuth 1.0a and OAuth 2.0 strategies. |
paypal-rest-sdk | PayPal APIs library. |
request | Simplified HTTP request library. |
stripe | Offical Stripe API library. |
tumblr.js | Tumblr API library. |
twilio | Twilio API library. |
twit | Twitter API library. |
lodash | Handy JavaScript utlities library. |
validator | Used in conjunction with express-validator in controllers/api.js. |
mocha | Test framework. |
chai | BDD/TDD assertion library. |
supertest | HTTP assertion library. |
- JavaScripting - The Database of JavaScript Libraries
- JS Recipes - JavaScript tutorials for backend and frontend development.
- Jade Syntax Documentation by Example - Even better than official Jade docs.
- HTML to Jade converter - Extremely valuable when you need to quickly copy and paste HTML snippets from the web.
- JavascriptOO - A directory of JavaScript libraries with examples, CDN links, statistics, and videos.
- Favicon Generator - Generate favicons for PC, Android, iOS, Windows 8.
- Code Guide - Standards for developing flexible, durable, and sustainable HTML and CSS.
- Bootsnipp - Code snippets for Bootstrap.
- UIBox - Curated HTML, CSS, JS, UI components.
- Bootstrap Zero - Free Bootstrap templates themes.
- Google Bootstrap - Google-styled theme for Bootstrap.
- Font Awesome Icons - It's already part of the Hackathon Starter, so use this page as a reference.
- Colors - A nicer color palette for the web.
- Creative Button Styles - awesome button styles.
- Creative Link Effects - Beautiful link effects in CSS.
- Medium Scroll Effect - Fade in/out header background image as you scroll.
- GeoPattern - SVG background pattern generator.
- Trianglify - SVG low-poly background pattern generator.
- Nodemon - Automatically restart Node.js server on code changes.
- geoip-lite - Geolocation coordinates from IP address.
- Filesize.js - Pretty file sizes, e.g.
filesize(265318); // "265.32 kB"
. - Numeral.js - Library for formatting and manipulating numbers.
- Node Inspector - Node.js debugger based on Chrome Developer Tools.
- node-taglib - Library for reading the meta-data of several popular audio formats.
- sharp - Node.js module for resizing JPEG, PNG, WebP and TIFF images.
- Framework7 - Full Featured HTML Framework For Building iOS7 Apps.
- InstantClick - Makes your pages load instantly by pre-loading them on mouse hover.
- NProgress.js - Slim progress bars like on YouTube and Medium.
- Hover - Awesome CSS3 animations on mouse hover.
- Magnific Popup - Responsive jQuery Lightbox Plugin.
- jQuery Raty - Star Rating Plugin.
- Headroom.js - Hide your header until you need it.
- X-editable - Edit form elements inline.
- Offline.js - Detect when user's internet connection goes offline.
- Alertify.js - Sweet looking alerts and browser dialogs.
- selectize.js - Styleable select elements and input tags.
- drop.js - Powerful Javascript and CSS library for creating dropdowns and other floating displays.
- scrollReveal.js - Declarative on-scroll reveal animations.
- When installing an NPM package, add a --save flag, and it will be automatically
added to
package.json
as well. For example,npm install --save moment
. - Use async.parallel() when you need to run multiple asynchronous tasks, and then render a page, but only when all tasks are completed. For example, you might want to scrape 3 different websites for some data and render the results in a template after all 3 websites have been scraped.
- Need to find a specific object inside an Array? Use _.find
function from Lodash. For example, this is how you would retrieve a
Twitter token from database:
var token = _.find(req.user.tokens, { kind: 'twitter' });
, where 1st parameter is an array, and a 2nd parameter is an object to search for.
You need to add the following hidden input element to your form. This has been added in the pull request #40 as part of the CSRF protection.
input(type='hidden', name='_csrf', value=_csrf)
Note: It is now possible to whitelist certain URLs. In other words you can specify a list of routes that should bypass CSRF verification check.
Note 2: To whitelist dynamic URLs use regular expression tests inside the
CSRF middleware to see if req.originalUrl
matches your desired pattern.
That's a custom error message defined in app.js
to indicate that there was a
problem connecting to MongoDB:
mongoose.connection.on('error', () => {
console.error('MongoDB Connection Error. Please make sure MongoDB is running.');
});
You need to have a MongoDB server running before launching app.js
. You can
download MongoDB here, or install it via a package manager.
Windows users, read Install MongoDB on Windows.
Tip: If you are always connected to the internet, you could just use
mLab or Compose instead
of downloading and installing MongoDB locally. You will only need to update database credentials
in .env
file.
When I first started this project I didn't have any experience with Handlebars. Since then I have worked on Ember.js apps and got myself familiar with the Handlebars syntax. While it is true Handlebars is easier, because it looks like good old HTML, I have no regrets picking Jade over Handlebars. First off, it's the default template engine in Express, so someone who has built Express apps in the past already knows it. Secondly, I find extends
and block
to be indispensable, which as far as I know, Handlebars does not have out of the box. And lastly, subjectively speaking, Jade looks much cleaner and shorter than Handlebars, or any non-HAML style for that matter.
For the sake of simplicity. While there might be a better approach,
such as passing app
context to each controller as outlined in this
blog,
I find such style to be confusing for beginners.
It took me a long time to grasp the concept of exports
and module.exports
,
let alone having a global app
reference in other files.
That to me is a backward thinking.
The app.js
is the "heart of the app", it should be the one referencing
models, routes, controllers, etc.
When working solo on small projects I actually prefer to have everything inside app.js
as is the case with this
REST API server.
If you would like to use Persona authentication strategy, use the pull request #64 as a reference guide. I have explained my reasons why it could not be merged in issue #63.
Inside the nodemailer.createTransport
method arguments, simply change the service from 'Sendgrid'
to some other email service. Also, be sure to update both username and password below that. See the list of all supported services by Nodemailer.
This section is intended for giving you a detailed explanation about how a particular functionality works. Maybe you are just curious about how it works, or maybe you are lost and confused while reading the code, I hope it provides some guidance to you.
HTML5 UP has many beautiful templates that you can download for free.
When you download the ZIP file, it will come with index.html, images, css and js folders. So, how do you integrate it with Hackathon Starter? Hackathon Starter uses Bootstrap CSS framework, but these templates do not. Trying to use both CSS files at the same time will likely result in undesired effects.
Note: Using the custom templates approach, you should understand that you cannot reuse any of the views I have created: layout, home page, api browser, login, signup, account management, contact. Those views were built using Bootstrap grid and styles. You will have to manually update the grid using a different syntax provided in the template. Having said that, you can mix and match if you want to do so: Use Bootstrap for main app interface, and a custom template for a landing page.
Let's start from the beginning. For this example I will use Escape Velocity template:
Note: For the sake of simplicity I will only consider index.html
, and skip left-sidebar.html
,
no-sidebar.html
, right-sidebar.html
.
Move all JavaScript files from html5up-escape-velocity/js
to public/js
. Then move all CSS files from html5up-escape-velocity/css
to public/css
. And finally, move all images from html5up-escape-velocity/images
to public/images
. You could move it to the existing img folder, but that would require manually changing every img
reference. Grab the contents of index.html
and paste it into HTML To Jade.
Note: Do not forget to update all the CSS and JS paths accordingly.
Create a new file escape-velocity.pug
and paste the Pug markup in views
folder.
Whenever you see the code res.render('account/login')
- that means it will search for views/account/login.pug
file.
Let's see how it looks. Create a new controller escapeVelocity inside controllers/home.js
:
exports.escapeVelocity = (req, res) => {
res.render('escape-velocity', {
title: 'Landing Page'
});
};
And then create a route in app.js
. I placed it right after the index controller:
app.get('/escape-velocity', homeController.escapeVelocity);
Restart the server (if you are not using nodemon), then you should see the new template at http://localhost:3000/escape-velocity.
I will stop right here, but if you would like to use this template as more than just a single page, take a look at how these Jade templates work: layout.pug
- base template, index.pug
- home page, partials/header.pug
- Bootstrap navbar, partials/footer.pug
- sticky footer. You will have to manually break it apart into smaller pieces. Figure out which part of the template you want to keep the same on all pages - that's your new layout.pug
.
Then, each page that changes, be it index.pug
, about.pug
, contact.pug
will be embedded in your new layout.pug
via block content
. Use existing templates as a reference.
This is a rather lengthy process, and templates you get from elsewhere, might have yet another grid system. That's why I chose Bootstrap for the Hackathon Starter. Many people are already familiar with Bootstrap, plus it's easy to get started with it if you have never used Bootstrap. You can also buy many beautifully designed Bootstrap themes at Themeforest, and use them as a drop-in replacement for Hackathon Starter. However, if you would like to go with a completely custom HTML/CSS design, this should help you to get started!
Flash messages allow you to display a message at the end of the request and access
it on next request and only next request. For instance, on a failed login attempt, you would
display an alert with some error message, but as soon as you refresh that page or visit a different
page and come back to the login page, that error message will be gone. It is only displayed once.
This project uses express-flash module for flash messages. And that
module is built on top of connect-flash, which is what I used in
this project initially. With express-flash you don't have to
explicitly send a flash message to every view inside res.render()
.
All flash messages are available in your views via messages
object by default,
thanks to express-flash.
Flash messages have a two-step process. You use req.flash('errors', { msg: 'Error messages goes here' }
to create a flash message in your controllers, and then display them in your views:
if messages.errors
.alert.alert-danger.fade.in
for error in messages.errors
div= error.msg
In the first step, 'errors'
is the name of a flash message, which should match the
name of the property on messages
object in your views. You place alert messages
inside if message.errors
because you don't want to show them flash messages are actually present.
The reason why you pass an error like { msg: 'Error messages goes here' }
instead
of just a string - 'Error messages goes here'
, is for the sake of consistency.
To clarify that, express-validator module which is used for validating and sanitizing user's input,
returns all errors as an array of objects, where each object has a msg
property with a message
why an error has occurred. Here is a more general example of what express-validator returns when there are errors present:
[
{ param: "name", msg: "Name is required", value: "<received input>" },
{ param: "email", msg: "A valid email is required", value: "<received input>" }
]
To keep consistent with that style, you should pass all flash messages
as { msg: 'My flash message' }
instead of a string. Otherwise you will just see an alert box
without an error message. That is because, in partials/flash.pug template it will try to output
error.msg
(i.e. "My flash message".msg
), in other words it will try to call a msg
method on a String object,
which will return undefined. Everything I just mentioned about errors, also applies
to "info" and "success" flash messages, and you could even create a new one yourself, such as:
Data Usage Controller (Example)
req.flash('warning', { msg: 'You have exceeded 90% of your data usage' });
User Account Page (Example)
if messages.warning
.alert.alert-warning.fade.in
for warning in messages.warning
div= warning.msg
partials/flash.pug
is a partial template that contains how flash messages
are formatted. Previously, flash
messages were scattered throughout each view that used flash messages
(contact, login, signup, profile), but now, thankfully it is uses a DRY approach.
The flash messages partial template is included in the layout.pug
, along with footer and navigation.
body
include partials/header
.container
include partials/flash
block content
include partials/footer
If you have any further questions about flash messages, please feel free to open an issue and I will update this mini-guide accordingly, or send a pull request if you would like to include something that I missed.
A more correct way to be to say "How do I create a new route". The main file app.js
contains all the routes.
Each route has a callback function associated with it. Sometimes you will see 3 or more arguments
to routes. In cases like that, the first argument is still a URL string, while middle arguments
are what's called middleware. Think of middleware as a door. If this door prevents you from
continuing forward, you won't get to your callback function. One such example is a route that requires authentication.
app.get('/account', passportConfig.isAuthenticated, userController.getAccount);
It always goes from left to right. A user visits /account
page. Then isAuthenticated
middleware
checks if you are authenticated:
exports.isAuthenticated = (req, res, next) => {
if (req.isAuthenticated()) {
return next();
}
res.redirect('/login');
};
If you are authenticated, you let this visitor pass through your "door" by calling return next();
. It then proceeds to the
next middleware until it reaches the last argument, which is a callback function that typically renders a template on GET
requests or redirects on POST
requests. In this case, if you are authenticated, you will be redirected to Account Management page, otherwise you will be redirected to Login page.
exports.getAccount = (req, res) => {
res.render('account/profile', {
title: 'Account Management'
});
};
Express.js has app.get
, app.post
, app.put
, app.delete
, but for the most part you will only use the first two HTTP verbs, unless you are building a RESTful API.
If you just want to display a page, then use GET
, if you are submitting a form, sending a file then use POST
.
Here is a typical workflow for adding new routes to your application. Let's say we are building a page that lists all books from database.
Step 1. Start by defining a route.
app.get('/books', bookController.getBooks);
Note: As of Express 4.x you can define you routes like so:
app.route('/books')
.get(bookController.getBooks)
.post(bookController.createBooks)
.put(bookController.updateBooks)
.delete(bookController.deleteBooks)
And here is how a route would look if it required an authentication and an authorization middleware:
app.route('/api/twitter')
.all(passportConfig.isAuthenticated)
.all(passportConfig.isAuthorized)
.get(apiController.getTwitter)
.post(apiController.postTwitter)
Use whichever style that makes sense to you. Either one is acceptable. I really think that chaining HTTP verbs on
app.route
is very clean and elegant approach, but on the other hand I can no longer see all my routes at a glance
when you have one route per line.
Step 2. Create a new schema and a model Book.js
inside the models directory.
const mongoose = require('mongoose');
const bookSchema = new mongoose.Schema({
name: String
});
const Book = mongoose.model('Book', bookSchema);
module.exports = Book;
Step 3. Create a new controller file called book.js
inside the controllers directory.
/**
* GET /books
* List all books.
*/
const Book = require('../models/Book.js');
exports.getBooks = (req, res) => {
Book.find((err, docs) => {
res.render('books', { books: docs });
});
};
Step 4. Import that controller in app.js
.
const bookController = require('./controllers/book');
Step 5. Create books.pug
template.
extends layout
block content
.page-header
h3 All Books
ul
for book in books
li= book.name
That's it! I will say that you could have combined Step 1, 2, 3 as following:
app.get('/books',(req, res) => {
Book.find((err, docs) => {
res.render('books', { books: docs });
});
});
Sure, it's simpler, but as soon as you pass 1000 lines of code in app.js
it becomes a little difficult to navigate the file.
I mean, the whole point of this boilerplate project was to separate concerns, so you could
work with your teammates without running into MERGE CONFLICTS. Imagine you have 4 developers
working on a single app.js
, I promise you it won't be fun resolving merge conflicts all the time.
If you are the only developer then it's fine. But as I said, once it gets up to a certain LoC size, it becomes
difficult to maintain everything in a single file.
That's all there is to it. Express.js is super simple to use. Most of the time you will be dealing with other APIs to do the real work: Mongoose for querying database, socket.io for sending and receiving messages over websockets, sending emails via Nodemailer, form validation using express-validator library, parsing websites using Cheerio, and etc.
Dan Stroot submitted an excellent pull request that adds a real-time dashboard with socket.io. And as much as I'd like to add it to the project, I think it violates one of the main principles of the Hackathon Starter:
When I started this project, my primary focus was on simplicity and ease of use. I also tried to make it as generic and reusable as possible to cover most use cases of hackathon web apps, without being too specific.
When I need to use socket.io, I really need it, but most of the time - I don't. But more importantly, websockets support is still experimental on most hosting providers. As of October 2013, Heroku supports websockets, but not until you opt-in by running this command:
heroku labs:enable websockets -a myapp
And what if you are deploying to OpenShift? They do support websockets, but it is currently in a preview state. So, for OpenShift you would need to change the socket.io connect URI to the following:
const socket = io.connect('http://yoursite-namespace.rhcloud.com:8000');
Wait, why is it on port 8000? Who knows, and if I didn't run across this blog post I wouldn't even know I had to use port 8000.
I am really glad that Heroku and OpenShift at least have a websockets support, because many other PaaS providers still do not support it. Due to the aforementioned issues with websockets, I cannot include socket.io as part of the Hackathon Starter. For now... If you need to use socket.io in your app, please continue reading.
First you need to install socket.io:
npm install socket.io --save
Replace const app = express();
with the following code:
const app = express();
const server = require('http').Server(app);
const io = require('socket.io')(server);
I like to have the following code organization in app.js
(from top to bottom): module dependencies,
import controllers, import configs, connect to database, express configuration, routes,
start the server, socket.io stuff. That way I always know where to look for things.
Add the following code at the end of app.js
:
io.on('connection', (socket) => {
socket.emit('greet', { hello: 'Hey there browser!' });
socket.on('respond', (data) => {
console.log(data);
});
socket.on('disconnect', () => {
console.log('Socket disconnected');
});
});
One last thing left to change:
app.listen(app.get('port'), () => {
to
server.listen(app.get('port'), () => {
At this point we are done with the back-end.
You now have a choice - to include your JavaScript code in Pug templates or have all your client-side
JavaScript in a separate file - in main.js
. I will admit, when I first started out with Node.js and JavaScript in general,
I placed all JavaScript code inside templates because I have access to template variables passed in from Express
right then and there. It's the easiest thing you can do, but also the least efficient and harder to maintain. Since then I
almost never include inline JavaScript inside templates anymore.
But it's also understandable if you want take the easier road. Most of the time you don't even care about performance during hackathons, you just want to "get shit done" before the time runs out. Well, either way, use whichever approach makes more sense to you. At the end of the day, it's what you build that matters, not how you build it.
If you want to stick all your JavaScript inside templates, then in layout.pug
-
your main template file, add this to head
block.
script(src='/socket.io/socket.io.js')
script.
let socket = io.connect(window.location.href);
socket.on('greet', function (data) {
console.log(data);
socket.emit('respond', { message: 'Hey there, server!' });
});
Note: Notice the path of the socket.io.js
, you don't actually
have to have socket.io.js
file anywhere in your project; it will be generated
automatically at runtime.
If you want to have JavaScript code separate from templates, move that inline
script code into main.js
, inside the $(document).ready()
function:
$(document).ready(function() {
// Place JavaScript code here...
let socket = io.connect(window.location.href);
socket.on('greet', function (data) {
console.log(data);
socket.emit('respond', { message: 'Hello to you too, Mr.Server!' });
});
});
Declares a read-only named constant.
const name = 'yourName';
Declares a block scope local variable.
let index = 0;
Using the `${}` syntax, strings can embed expressions.
const name = 'Oggy';
const age = 3;
console.log(`My cat is named ${name} and is ${age} years old.`);
To import functions, objects or primitives exported from an external module. These are the most common types of importing.
import name from 'module-name';
import * as name from 'module-name';
import { foo, bar } from 'module-name';
To export functions, objects or primitives from a given file or module.
export { myFunction };
export const name = 'yourName';
export default myFunctionOrClass
The spread operator allows an expression to be expanded in places where multiple arguments (for function calls) or multiple elements (for array literals) are expected.
myFunction(...iterableObject);
<ChildComponent {...this.props} />
A Promise is used in asynchronous computations to represent an operation that hasn't completed yet, but is expected in the future.
var p = new Promise(function(resolve, reject) { });
The catch()
method returns a Promise and deals with rejected cases only.
p.catch(function(reason) { /* handle rejection */ });
The then()
method returns a Promise. It takes 2 arguments: callback for the success & failure cases.
p.then(function(value) { /* handle fulfillment */ }, function(reason) { /* handle rejection */ });
The Promise.all(iterable)
method returns a promise that resolves when all of the promises in the iterable argument have resolved, or rejects with the reason of the first passed promise that rejects.
Promise.all([p1, p2, p3]).then(function(values) { console.log(values) });
Arrow function expression. Shorter syntax & lexically binds the this
value. Arrow functions are anonymous.
singleParam => { statements }
() => { statements }
(param1, param2) => expression
const arr = [1, 2, 3, 4, 5];
const squares = arr.map(x => x * x);
The class declaration creates a new class using prototype-based inheritance.
class Person {
constructor(name, age, gender) {
this.name = name;
this.age = age;
this.gender = gender;
}
incrementAge() {
this.age++;
}
}
🎁 Credits: DuckDuckGo and @DrkSephy.
Math.floor(Date.now() / 1000);
var now = new Date();
now.setMinutes(now.getMinutes() + 30);
// DD-MM-YYYY
var now = new Date();
var DD = now.getDate();
var MM = now.getMonth() + 1;
var YYYY = now.getFullYear();
if (DD < 10) {
DD = '0' + DD;
}
if (MM < 10) {
MM = '0' + MM;
}
console.log(MM + '-' + DD + '-' + YYYY); // 03-30-2016
// hh:mm (12 hour time with am/pm)
var now = new Date();
var hours = now.getHours();
var minutes = now.getMinutes();
var amPm = hours >= 12 ? 'pm' : 'am';
hours = hours % 12;
hours = hours ? hours : 12;
minutes = minutes < 10 ? '0' + minutes : minutes;
console.log(hours + ':' + minutes + ' ' + amPm); // 1:43 am
var today = new Date();
var nextWeek = new Date(today.getTime() + 7 * 24 * 60 * 60 * 1000);
var today = new Date();
var yesterday = date.setDate(date.getDate() - 1);
User.find((err, users) => {
console.log(users);
});
let userEmail = 'example@gmail.com';
User.findOne({ email: userEmail }, (err, user) => {
console.log(user);
});
User
.find()
.sort({ _id: -1 })
.limit(5)
.exec((err, users) => {
console.log(users);
});
Let's suppose that each user has a votes
field and you would like to count
the total number of votes in your database across all users. One very
inefficient way would be to loop through each document and manually accumulate
the count. Or you could use MongoDB Aggregation Framework instead:
User.aggregate({ $group: { _id: null, total: { $sum: '$votes' } } }, (err, votesCount) => {
console.log(votesCount.total);
});
You will need docker and docker-compose installed to build the application.
After installing docker, start the application with the following commands :
# To build the project for the first time or when you add dependencies
docker-compose build web
# To start the application (or to restart after making changes to the source code)
docker-compose up web
To view the app, find your docker ip address + port 3000 ( this will typically be http://192.168.99.100:3000/ ).
To use any of the included APIs or OAuth authentication methods, you will need to obtain appropriate credentials: Client ID, Client Secret, API Key, or Username & Password. You will need to go through each provider to generate new credentials.
Hackathon Starter 2.0 Update: I have included dummy keys and passwords for all API examples to get you up and running even faster. But don't forget to update them with your credentials when you are ready to deploy an app.
- Visit Google Cloud Console
- Click on the Create Project button
- Enter Project Name, then click on Create button
- Then click on APIs & auth in the sidebar and select API tab
- Click on Google+ API under Social APIs, then click Enable API
- Next, under APIs & auth in the sidebar click on Credentials tab
- Click on Create new Client ID button
- Select Web Application and click on Configure Consent Screen
- Fill out the required fields then click on Save
- In the Create Client ID modal dialog:
- Application Type: Web Application
- Authorized Javascript origins: http://localhost:3000
- Authorized redirect URI: http://localhost:3000/auth/google/callback
- Click on Create Client ID button
- Copy and paste Client ID and Client secret keys into
.env
Note: When you ready to deploy to production don't forget to
add your new url to Authorized Javascript origins and Authorized redirect URI,
e.g. http://my-awesome-app.herokuapp.com
and
http://my-awesome-app.herokuapp.com/auth/google/callback
respectively.
The same goes for other providers.
- Visit Facebook Developers
- Click My Apps, then select *Add a New App from the dropdown menu
- Select Website platform and enter a new name for your app
- Click on the Create New Facebook App ID button
- Choose a Category that best describes your app
- Click on Create App ID button
- In the upper right corner click on Skip Quick Start
- Copy and paste App ID and App Secret keys into
.env
- Note: App ID is clientID, App Secret is clientSecret
- Click on the Settings tab in the left nav, then click on + Add Platform
- Select Website
- Enter
http://localhost:3000
under Site URL
Note: After a successful sign in with Facebook, a user will be redirected back to home page with appended hash #_=_
in the URL. It is not a bug. See this Stack Overflow discussion for ways to handle it.
- Go to Account Settings
- Select Applications from the sidebar
- Then inside Developer applications click on Register new application
- Enter Application Name and Homepage URL
- For Authorization Callback URL: http://localhost:3000/auth/github/callback
- Click Register application
- Now copy and paste Client ID and Client Secret keys into
.env
file
- Sign in at https://apps.twitter.com
- Click Create a new application
- Enter your application name, website and description
- For Callback URL: http://127.0.0.1:3000/auth/twitter/callback
- Go to Settings tab
- Under Application Type select Read and Write access
- Check the box Allow this application to be used to Sign in with Twitter
- Click Update this Twitter's applications settings
- Copy and paste Consumer Key and Consumer Secret keys into
.env
file
- Sign in at LinkedIn Developer Network
- From the account name dropdown menu select API Keys
- It may ask you to sign in once again
- Click + Add New Application button
- Fill out all the required fields
- OAuth 2.0 Redirect URLs: http://localhost:3000/auth/linkedin/callback
- JavaScript API Domains: http://localhost:3000
- For Default Application Permissions make sure at least the following is checked:
r_basicprofile
- Finish by clicking Add Application button
- Copy and paste API Key and Secret Key keys into
.env
file - API Key is your clientID
- Secret Key is your clientSecret
- Sign up or log into your dashboard
- Click on your profile and click on Account Settings
- Then click on API Keys
- Copy the Secret Key. and add this into
.env
file
- Visit PayPal Developer
- Log in to your PayPal account
- Click Applications > Create App in the navigation bar
- Enter Application Name, then click Create app
- Copy and paste Client ID and Secret keys into
.env
file - App ID is client_id, App Secret is client_secret
- Change host to api.paypal.com if you want to test against production and use the live credentials
- Go to Foursquare for Developers
- Click on My Apps in the top menu
- Click the Create A New App button
- Enter App Name, Welcome page url,
- For Redirect URI: http://localhost:3000/auth/foursquare/callback
- Click Save Changes
- Copy and paste Client ID and Client Secret keys into
.env
file
- Go to http://www.tumblr.com/oauth/apps
- Once signed in, click +Register application
- Fill in all the details
- For Default Callback URL:
http://localhost:3000/auth/tumblr/callback
- Click ✔Register
- Copy and paste OAuth consumer key and OAuth consumer secret keys into
.env
file
- Go to http://steamcommunity.com/dev/apikey
- Sign in with your existing Steam account
- Enter your Domain Name, then and click Register
- Copy and paste Key into
.env
file
- Go to https://sendgrid.com/user/signup
- Sign up and confirm your account via the activation email
- Then enter your SendGrid Username and Password into
.env
file
- Go to http://www.mailgun.com
- Sign up and add your Domain Name
- From the domain overview, copy and paste the default SMTP Login and Password into
.env
file
- Go to https://www.twilio.com/try-twilio
- Sign up for an account.
- Once logged into the dashboard, expand the link 'show api credentials'
- Copy your Account Sid and Auth Token
If something is unclear, confusing, or needs to be refactored, please let me know. Pull requests are always welcome, but due to the opinionated nature of this project, I cannot accept every pull request. Please open an issue before submitting a pull request. This project uses Airbnb JavaScript Style Guide with a few minor exceptions. If you are submitting a pull request that involves Pug templates, please make sure you are using spaces, not tabs.
The MIT License (MIT)
Copyright (c) 2014-2016 Sahat Yalkabov
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.