krakenjs

34
Tim Messerschmidt @SeraAndroid LondonJS Conf 2014

Upload: paypal

Post on 30-Oct-2014

4.598 views

Category:

Technology


1 download

DESCRIPTION

These are the slides of Tim Messerschmidt's presentation at LondonJS Conf 2014. They provide an overview about Kraken's main features and how to use them in practice.

TRANSCRIPT

Page 1: KrakenJS

Tim Messerschmidt @SeraAndroid LondonJS Conf 2014

Page 2: KrakenJS

A story of!technical debt

Page 3: KrakenJS

Application stacks at PayPal

C++ Java

Page 4: KrakenJS

Environments & Lean UX

Prototyping Production

Page 5: KrakenJS

Application stacks at PayPal

C++ XSL

Java JSP

Node JS

Page 6: KrakenJS

Node & JS at PayPal Moving away from Java architecture •  CSS, HTML and even JS in Java •  Originally replaced by JSP

Rapid development & deployment cycles •  Open Source Stack •  Bootstrap for frontend •  JavaScript templating via Dust •  V8 in PayPal’s C++ stack for legacy app UI

Page 7: KrakenJS

New stack at PayPal

C++ Java Node

Dust

Page 8: KrakenJS

Advantages of Node Results of using Node at PayPal •  Teams between 1/3 to 1/10 of Java teams •  Doubled requests per second •  35% decrease in average response time •  Lines of code shrunk by factor 3 to 5 •  Development twice as fast •  JS both on frontend and backend

Page 9: KrakenJS

Release the!Kraken!

Page 10: KrakenJS

What is Kraken? A JS suite on top of Node.js and Express Preconfigured with different best practices and tools:

•  Dust for templates •  LESS as CSS preprocessor •  RequireJS as JS file and module loader •  Grunt for running tasks •  Runtime updates for UI code

Page 11: KrakenJS

But why?!

Page 12: KrakenJS

Project structure Opinionated about separation of logic and presentation

•  /config •  /controllers •  /models •  /public/templates •  /locales •  /tests

Page 13: KrakenJS

Lusca

Kappa Adaro

Makara

Page 14: KrakenJS

… and many more

Page 15: KrakenJS

Makara Local content bundles Internationalization support for Node apps var i18n = require('makara');var provider = i18n.create(config);provider.getBundle('index', 'en_US', function (err, bundle) { var string = bundle.get('key');});

Page 16: KrakenJS

Property files for Makara index.title=KrakenJS at LondonJS Confindex.speaker=Tim Messerschmidtindex.greeting=Ahoi {attendeeName}!# A listindex.speakers[0]=Lea Verouindex.speakers[1]=Peter-Paul KochIndex.speakers[2]=Hannah Wolfe# A mapindex.sponsors[PP]=PayPalindex.sponsors[GH]=GitHub# And subkeysindex.conference.language=JS

Page 17: KrakenJS

Makara in use Defining multiple values /locales/US/en/index.properties•  index.greeting=Hello {name}!

/locales/ES/es/index.properties•  index.greeting=Hola {name}!

Accessing keys in templates <h1>{@pre type="content" key="index.greeting"/}</h1>

Page 18: KrakenJS

Lusca Security settings against various vulnerabilities

Cross-site request forgery support Clickjacking / X-Frame-Options Output escaping against XSS via Dust Content Security Policy

Page 19: KrakenJS

Lusca configuration Configuration in middleware.json

"appsec": {"csrf": true,"csp": false,"p3p": false,"xframe": "SAMEORIGIN”

}

… or using Lusca’s methods

Page 20: KrakenJS

Lusca against CSRF A token is added to the session automatically

var express = require('express'),appsec = require('lusca'),server = express();

server.use(appsec.csrf());

The template needs to return the token:

<input type="hidden" name="_csrf" value="{_csrf}”>

Page 21: KrakenJS

Adaro Brings Dust as default templating engine Designed to work together with Makara

dustjs.onLoad = function (name, context, callback) {// Custom file read/processing piplinecallback(err, str);

}app.engine('dust', dustjs.dust({ cache: false }));app.set('view engine', 'dust');

Page 22: KrakenJS

Templating with Dust Layout

<html> <body> {>"{_main}"/} </body></html>

Content page as partial

<div>Hello!</div>dust.render(’partial', { layout: ’template' }, ...);

Page 23: KrakenJS

Templating with Dust Sections

{#modules} {name}, {description}{~n}{/modules}

View context

{ modules: [ { name: “Makara”, description: “i18n” }, { name: “Lusca”, description: “security settings” }]

}

Page 24: KrakenJS

Templating with Dust Conditionals

{#modules}{name}, {description}{~n}

{:else}No modules supported :(

{/modules}{?modules}

modules exists!{/modules}{^modules}

No modules!{/modules}

Page 25: KrakenJS

Kappa Serves as NPM Proxy Enables support for private npm repos Based on npm-delegate hapi support Global or local installation

npm install -g kappakappa -c config.json

Page 26: KrakenJS

Configuring Kraken Lives in /config/app.json

Development vs. Production environments •  2nd configuration allowed:

–  app-development.json

•  Usage of NODE_ENV for environment

nconf for credentials and other variables

Page 27: KrakenJS

The Generator

Page 28: KrakenJS

Getting started sudo npm install -g generator-krakenyo kraken ,'""`. / _ _ \ |(@)(@)| Release the Kraken! ) __ ( /,'))((`.\ (( (( )) )) `\ `)(' /'

Page 29: KrakenJS

Generation yo kraken:controller myControllerRespond to XHR requests? (Y/n)create controllers/myController.jscreate test/myController.js

Page 30: KrakenJS

Result without XHR var myModel = require('../models/model');module.exports = function (app) {var model = new myModel();

app.get(’/ahoi', function (req, res) { res.render(’ahoi', model);});

};

Page 31: KrakenJS

Result with XHR app.get('/ahoiXHR', function (req, res) {res.format({ json: function () { res.json(model); }, html: function () { res.render(’ahoiXHR', model); }});

});

Page 32: KrakenJS

Models yo kraken:model unicorncreate models/unicorn.jsmodule.exports = function UnicornModel() {return { name: ‘Charlie’};

};

Page 33: KrakenJS

Summary

Page 34: KrakenJS

Thanks! Tim Messerschmidt @SeraAndroid [email protected] slideshare.com/paypal