JSON Web Token

Utilities / Application Utilities / User Management and Authentication
Needs advice
on
Go
and
ASP.NET Core

I am going to build a backend which will serve my React site. It will need to interact with a PostgreSQL database where it will store and read users and create and use JSON Web Token for authenticating HTTP requests. I know EF core has good migration tooling, can Go provide the same or better? I am a one man team and I'll be hosting this either on Heroku or DigitalOcean.

READ MORE
4 upvotes76.2K views
Replies (2)
Recommends
C#

I'm a dotnet developer, and recently enjoyed building cli apps in golang, it's been a fun experience. The main reason for me using golang will be its resource consumption, Small cross-platform executables. What I did notice though, building more complex applications, those benefits starts to erode quickly. And the latest articles about dotnet core single executables and AOT compile modes does suggest a much smaller footprint for dotnet apps going forward.

Either way, I like both languages

READ MORE
6 upvotes626 views
Avatar of milgner
Director New Technology at i22 Digitalagentur GmbH
Recommends
Next.js

From your question I gather that you don't have any specific requirements with regards to performance or technology: both PostgreSQL and JWT are well-supported in both ecosystems and so my recommendation would be to go with whatever you're most familiar with already which seems to be ASP.NET if I interpret the wording correctly.

Although there are very good frameworks and libraries for Go, you'll be looking forward to doing a lot of things manually. Although this can potentially lead to very optimized and high quality software, it can just as well slow you down because you're dealing with low-level stuff that doesn't actually add business value to your application.

The point in favour of Go would be that you can easily deploy it to Heroku, which (afaik) doesn't support ASP.NET.

As you're a one-man team, you might even want to reconsider the decision to have separate codebases and languages for back-end and front-end. You're going to need to be very focused on adding business value to your application without getting distracted by some low-level technical detail or context switch. With React being your chosen front-end technology, I'll throw Next.js in the ring. (It'll deploy on Heroku nicely, too).

In the end: choose the technology that will support your flow the most.

READ MORE
6 upvotes632 views
Shared insights
at
()

Repost

Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku . However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.

Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.

Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.

Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.

READ MORE
17 upvotes2 comments226.4K views
Avatar of undefined
Avatar of zimoony
Senior Fullstack Developer at QUANTUSflow Software GmbH

Our whole Node.js backend stack consists of the following tools:

  • Lerna as a tool for multi package and multi repository management
  • npm as package manager
  • NestJS as Node.js framework
  • TypeScript as programming language
  • ExpressJS as web server
  • Swagger UI for visualizing and interacting with the API鈥檚 resources
  • Postman as a tool for API development
  • TypeORM as object relational mapping layer
  • JSON Web Token for access token management

The main reason we have chosen Node.js over PHP is related to the following artifacts:

  • Made for the web and widely in use: Node.js is a software platform for developing server-side network services. Well-known projects that rely on Node.js include the blogging software Ghost, the project management tool Trello and the operating system WebOS. Node.js requires the JavaScript runtime environment V8, which was specially developed by Google for the popular Chrome browser. This guarantees a very resource-saving architecture, which qualifies Node.js especially for the operation of a web server. Ryan Dahl, the developer of Node.js, released the first stable version on May 27, 2009. He developed Node.js out of dissatisfaction with the possibilities that JavaScript offered at the time. The basic functionality of Node.js has been mapped with JavaScript since the first version, which can be expanded with a large number of different modules. The current package managers (npm or Yarn) for Node.js know more than 1,000,000 of these modules.
  • Fast server-side solutions: Node.js adopts the JavaScript "event-loop" to create non-blocking I/O applications that conveniently serve simultaneous events. With the standard available asynchronous processing within JavaScript/TypeScript, highly scalable, server-side solutions can be realized. The efficient use of the CPU and the RAM is maximized and more simultaneous requests can be processed than with conventional multi-thread servers.
  • A language along the entire stack: Widely used frameworks such as React or AngularJS or Vue.js, which we prefer, are written in JavaScript/TypeScript. If Node.js is now used on the server side, you can use all the advantages of a uniform script language throughout the entire application development. The same language in the back- and frontend simplifies the maintenance of the application and also the coordination within the development team.
  • Flexibility: Node.js sets very few strict dependencies, rules and guidelines and thus grants a high degree of flexibility in application development. There are no strict conventions so that the appropriate architecture, design structures, modules and features can be freely selected for the development.
READ MORE
23 upvotes1.3M views
Avatar of undefined
Avatar of sauravpandit
Application Devloper at Bny Mellon

I have just started learning Python 3 week back. I want to create REST api using python. The api will be use to save form data in Oracle database. The front end is using AngularJS 8 with Angular Material. In python there are so many framework for developing REST ** I am looking for some suggestions which REST framework to choose? ** Here are some feature I am looking for * Easy integration and unit testing like in Angular we just run command. * Code packageing, like in Java maven project we can build and package. I am looking for something which I can push in artifactory and deploy whole code as package. *Support for swagger/ OpenAPI * Support for JSON Web Token * Support for testcase coverage report Framework can have feature included or can be available by extension.

READ MORE
9 upvotes23.7K views
Avatar of wassimbj
Software Developer
Needs advice
on
JSON Web Token
and
Google Chrome

I really want to know, what are the problems that JSON Web Token solves that Sessions can't. JWT is actually more vulnerable when it comes to security. And what do other companies like Facebook or even Airbnb use to secure their API endpoint (I'm talking about GraphQL here).

Thanks!

READ MORE
4 upvotes2.6K views