| 
|
10 | | 
| 
| 
|
11 | | 
| 
| 
|
12 |
13 |
14 | * **OpenShift** [https://www.openshift.com/](https://www.openshift.com/) - OpenShift Online is Red Hat's next-generation application hosting platform that makes it easy to run your web applications in the cloud for free.
15 | * **Hapi** [http://hapijs.com/](http://hapijs.com/) - A rich framework for building applications and services
16 | * **MongoDb** [https://www.mongodb.org](https://www.mongodb.org) - MongoDBis an open-source, document database designed for ease of development and scaling.
17 | * **Mongoose** [http://mongoosejs.com/](http://mongoosejs.com/) - elegant mongodb object modeling for node.js
18 | * **Redis** [http://redis.io/](http://redis.io/) - Redis is an open source, in-memory data structure store, used as database, cache and message broker.
19 | * **Swagger** [http://swagger.io/](http://swagger.io/) - The World's Most Popular Framework for APIs.
20 | * **Jason Web Token** [https://github.com/auth0/node-jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
21 | * **NodeMailer** [http://nodemailer.com/](http://nodemailer.com/) - Send e-mails with Node.JS – easy as cake!
22 | * **BlazeMeter** [https://blazemeter.com/](https://blazemeter.com/) -Run massively scalable, open source-based performance tests against all of your apps, from classic
23 | web and mobile to microservices and APIs, and validate performance at every software delivery stage.
24 | * **JMeter** [http://jmeter.apache.org/]([http://jmeter.apache.org/) - The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance
25 |
26 |
27 | [](https://gitter.im/bartonhammond/snowflake?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [](https://github.com/bartonhammond/snowflake/blob/master/LICENSE)
28 |
29 | # Content
30 | - [Use case](#usecase)
31 | - [Summary](#summary)
32 | - [Setup](#setup)
33 | - [API Documentation](http://mysnowflake-bartonhammond.rhcloud.com/documentation)
34 | - [Source documentation](http://bartonhammond.github.io/snowflake-hapi-openshift/server.js.html)
35 |
36 | ## Usecase
37 |
38 | * **Register** - When user registers w/ email, username, password, the
39 | system sends a email verification. Until the user clicks the link
40 | within the email, their Email Verified field is false. When
41 | clicked, the field is set to true. The response from Register
42 | contains a "Session Token" for subsequent authentication.
43 |
44 | * **Login** When the user logs in with their username and password,
45 | the sytem responds with a "Session Token".
46 |
47 | * **Log Out** When the user logs out, the Session Token is blacklisted
48 | using Redis. Every entry point to the server that requires
49 | authentication first checks if the Session Toke has already been
50 | revoked by checking it's presence in Redis. If present, the request
51 | is denied.
52 |
53 | * **Reset Password** Once the user provides an Email address, they
54 | receive an email with a link that takes them to a form to submit a
55 | new password
56 |
57 | * **Profile** Once a user is logged in, they can view their profile.
58 |
59 | * **Profile Update** A User can modify their username and/or email.
60 | If the email address is modified, their Email Verified value is
61 | set again to false and a new
62 | email is sent to the new address for verification.
63 |
64 |
65 | ## Summary
66 |
67 | ### OpenShift
68 | OpenShift supports a free NodeJS setup that will scale with web
69 | traffic. This **Snowflake Server** setup will use MongoDB and Redis.
70 | 
71 | * This server is using 3 small gears:
72 | * NodeJS (actually at version 4.2.3)
73 | * MongoDB
74 | * Redis
75 | * And a **Web Load Balancer**
76 |
77 | Some commands that you'll want to know about, once you've install the
78 | 'rhc' client:
79 |
80 | * rhc ssh -a mysnowflake
81 |
82 | You can check the performance of your application using the link
83 |
84 | ```
85 | your-app-domain/haproxy-status/
86 | ```
87 |
88 | The HAProxy Status Page
89 | 
90 |
91 |
92 | ### Hapi
93 | The nodeJS server uses Hapi. Hapi was developed and Open Sourced by
94 | [Walmart Labs](http://www.walmartlabs.com/project_type/open-source/).
95 | It has been battle tested by Walmart, the largest retailer on earth.
96 | I chose it over Express 'cause Hapi is more targeted to API support
97 | and it looked interesting.
98 |
99 | This server is documented [here](http://bartonhammond.github.io/snowflake-hapi-openshift/server.js.html) in its entirety.
100 |
101 | Here's some flavor of what Hapi offers. Below is the declarative definition of the ```/account/login``` end point. The ```payload``` is validated here and shows how the ```username``` has a regex expression and is required. The same for the ```email```. The ```config``` option has the ```tags, description, notes``` that document how the ```api``` is used. The ```handler``` is defined elsewhere. Separating the end point validation and declaration from the implementation cleans up the code.
102 |
103 | ```
104 | {
105 | method: 'POST',
106 | path: '/account/login',
107 | handler: AccountHandlers.loginUser,
108 | config: {
109 | // Include this API in swagger documentation
110 | tags: ['api'],
111 | description: 'A user can login',
112 | notes: 'The user login will return a sessionToken',
113 | validate: {
114 | payload: {
115 | //username required with same regex as client
116 | username: Joi.string().regex(CONFIG.validation.username).required(),
117 | //password required with same regex as client
118 | password: Joi.string().regex(CONFIG.validation.password).required()
119 | }
120 | }
121 | }
122 | },
123 | ```
124 |
125 |
126 | ### MongoDb
127 | Mongodb will host our documents, namely User information, at this
128 | time. We'll be using **Mongoose** for interacting with Mongo within
129 | our code.
130 |
131 | Once you're ssh'd into Openshift via ```rhc ssh -a mysnowflake```, you
132 | can use the ```mongo``` shell.
133 |
134 |
135 | ### Redis
136 | Redis is fantastic for key,value pair access. We're using it here for
137 | "Black Listing Json Web Tokens". You can read about this concept here [https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/](https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/)
138 |
139 |
140 | ### Swagger
141 | Swagger provides the api documentation - simply augmenting the
142 | endpoints generates a page showing all the API access points.
143 |
144 | Shown below is the generated API documentation -
145 |
146 | 
147 |
148 | NOTE: you can test the APIs directly from the browser with the forms that Swagger provides!
149 |
150 | 
151 |
152 | ### Jason Web Token
153 |
154 | JWT is used in the Authentication as a Session Token. You can read the docs [here](http://bartonhammond.github.io/snowflake-hapi-openshift/src/auth/jwt-strategy.js.html) showing how it's setup.
155 |
156 |
157 | ### JMeter
158 |
159 | Using JMeter allowed me to performance test the API. I created a test suite with JMeter as shown below and debugged the script by running locally. Once I was satisfied, I changed the ```HTTP Request Defaults``` and uploaded to BlazeMeter for testing.
160 |
161 | Shown below is the script defined in JMeter
162 |
163 | 
164 |
165 | ### BlazeMeter
166 | BlazeMeter was used to perform the tests as it is much better equipped to host the threads then my personal mac.
167 |
168 |
169 |
171 |
172 |
173 | The following screens show the results of running 50 concurrent users performing the following actions with a 1 second delay between each action:
174 |
175 | * **register** - Register with username, password, and email
176 | * **login** - Usename, password sued to login
177 | * **restricted access** - access a page requiring SessionToken
178 | * **profile/account/me** - show my profile
179 | * **profile/account/{_id}** - update the profile defined by _id
180 |
181 | **Original Test Configuration**
182 | 
183 |
184 | **Overview**
185 | 
186 |
187 | **Timeline Report**
188 | 
189 |
190 | **Load Report**
191 | 
192 |
193 | **Aggregate Report**
194 | 
195 |
196 | **Monitoring Report**
197 | 
198 |
199 | -------------------
200 |
201 |
202 | ## Setup
203 |
204 | Below are the instructions for setting up the server on your local machine. These instructions work fine on the Mac - no promise is made for other OSs.
205 |
206 | * **Pre-setup step**: We are using **NodeMailer** and if you use a Gmail account, be sure to follow the steps below from [https://github.com/nodemailer/nodemailer](https://github.com/nodemailer/nodemailer)
207 |
208 |
209 | > You may need to "Allow Less Secure Apps" in your gmail account (it's all the way at the bottom). You also may need to "Allow access to your Google account"
210 |
211 |
212 |
213 | ### Locally (one time only setup)
214 | ----------------------------------------------------------
215 | * Install Mongo db
216 | [https://www.mongodb.org/downloads#production](https://www.mongodb.org/downloads#production)
217 | * to start, ```sudo mongod```
218 |
219 | * Install Redis
220 |
221 | * I used Redis 2.18.24, which is what's installed on OpenShift
222 | * down load and unzip [http://download.redis.io/releases/redis-2.8.24.tar.gz](http://download.redis.io/releases/redis-2.8.24.tar.gz)
223 |
224 | ```
225 | cd redis-2.8.24
226 | make
227 | cd src/
228 | ./redis-server
229 | ```
230 |
231 | * Update ip in config file w/ ip from `ifconfig`
232 | Example:
233 | ```
234 | hapi: {
235 | port: 5000,
236 | ip: '127.0.0.1'
237 | }
238 |
239 | ```
240 |
241 | * Update Snowflake ```src/lib/config.js``` w/ same ip from step above
242 | Example:
243 | ```
244 | HAPI: {
245 | local: {
246 | url: 'http://127.0.0.1:5000'
247 | },
248 | remote: {
249 | url: 'enter your remote url here'
250 | }
251 | }
252 | ```
253 |
254 | * Then in different terminal, inside mysnowflake,
255 |
256 | ```
257 | npm start
258 | ```
259 |
260 |
261 | ### OpenShift
262 |
263 | Watch the following video to see all the steps to install the **Hapi nodes server to Openshift** in action:
264 |
265 | 
267 |
268 |
269 | ----------------------------------------------------------
270 |
271 | * Create an account at http://openshift.redhat.com/
272 |
273 | * Install the command line tool ```rhc```
274 |
275 | * [https://developers.openshift.com/en/managing-client-tools.html](https://developers.openshift.com/en/managing-client-tools.html)
276 |
277 | * Create a namespace, if you haven't already done so via the web interface
278 |
279 | ```
280 | rhc domain create true
397 | true
455 | 
| | |
10 | | | | |
11 | | | | |
12 |
13 |
14 | * **OpenShift** [https://www.openshift.com/](https://www.openshift.com/) - OpenShift Online is Red Hat's next-generation application hosting platform that makes it easy to run your web applications in the cloud for free.
15 | * **Hapi** [http://hapijs.com/](http://hapijs.com/) - A rich framework for building applications and services
16 | * **MongoDb** [https://www.mongodb.org](https://www.mongodb.org) - MongoDBis an open-source, document database designed for ease of development and scaling.
17 | * **Mongoose** [http://mongoosejs.com/](http://mongoosejs.com/) - elegant mongodb object modeling for node.js
18 | * **Redis** [http://redis.io/](http://redis.io/) - Redis is an open source, in-memory data structure store, used as database, cache and message broker.
19 | * **Swagger** [http://swagger.io/](http://swagger.io/) - The World's Most Popular Framework for APIs.
20 | * **Jason Web Token** [https://github.com/auth0/node-jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
21 | * **NodeMailer** [http://nodemailer.com/](http://nodemailer.com/) - Send e-mails with Node.JS – easy as cake!
22 | * **BlazeMeter** [https://blazemeter.com/](https://blazemeter.com/) -Run massively scalable, open source-based performance tests against all of your apps, from classic
23 | web and mobile to microservices and APIs, and validate performance at every software delivery stage.
24 | * **JMeter** [http://jmeter.apache.org/]([http://jmeter.apache.org/) - The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance
25 |
26 |
27 | [](https://gitter.im/bartonhammond/snowflake?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [](https://github.com/bartonhammond/snowflake/blob/master/LICENSE)
28 |
29 | # Content
30 | - [Use case](#usecase)
31 | - [Summary](#summary)
32 | - [Setup](#setup)
33 | - [API Documentation](http://mysnowflake-bartonhammond.rhcloud.com/documentation)
34 | - [Source documentation](http://bartonhammond.github.io/snowflake-hapi-openshift/server.js.html)
35 |
36 | ## Usecase
37 |
38 | * **Register** - When user registers w/ email, username, password, the
39 | system sends a email verification. Until the user clicks the link
40 | within the email, their Email Verified field is false. When
41 | clicked, the field is set to true. The response from Register
42 | contains a "Session Token" for subsequent authentication.
43 |
44 | * **Login** When the user logs in with their username and password,
45 | the sytem responds with a "Session Token".
46 |
47 | * **Log Out** When the user logs out, the Session Token is blacklisted
48 | using Redis. Every entry point to the server that requires
49 | authentication first checks if the Session Toke has already been
50 | revoked by checking it's presence in Redis. If present, the request
51 | is denied.
52 |
53 | * **Reset Password** Once the user provides an Email address, they
54 | receive an email with a link that takes them to a form to submit a
55 | new password
56 |
57 | * **Profile** Once a user is logged in, they can view their profile.
58 |
59 | * **Profile Update** A User can modify their username and/or email.
60 | If the email address is modified, their Email Verified value is
61 | set again to false and a new
62 | email is sent to the new address for verification.
63 |
64 |
65 | ## Summary
66 |
67 | ### OpenShift
68 | OpenShift supports a free NodeJS setup that will scale with web
69 | traffic. This **Snowflake Server** setup will use MongoDB and Redis.
70 | 
71 | * This server is using 3 small gears:
72 | * NodeJS (actually at version 4.2.3)
73 | * MongoDB
74 | * Redis
75 | * And a **Web Load Balancer**
76 |
77 | Some commands that you'll want to know about, once you've install the
78 | 'rhc' client:
79 |
80 | * rhc ssh -a mysnowflake
81 |
82 | You can check the performance of your application using the link
83 |
84 | ```
85 | your-app-domain/haproxy-status/
86 | ```
87 |
88 | The HAProxy Status Page
89 | 
90 |
91 |
92 | ### Hapi
93 | The nodeJS server uses Hapi. Hapi was developed and Open Sourced by
94 | [Walmart Labs](http://www.walmartlabs.com/project_type/open-source/).
95 | It has been battle tested by Walmart, the largest retailer on earth.
96 | I chose it over Express 'cause Hapi is more targeted to API support
97 | and it looked interesting.
98 |
99 | This server is documented [here](http://bartonhammond.github.io/snowflake-hapi-openshift/server.js.html) in its entirety.
100 |
101 | Here's some flavor of what Hapi offers. Below is the declarative definition of the ```/account/login``` end point. The ```payload``` is validated here and shows how the ```username``` has a regex expression and is required. The same for the ```email```. The ```config``` option has the ```tags, description, notes``` that document how the ```api``` is used. The ```handler``` is defined elsewhere. Separating the end point validation and declaration from the implementation cleans up the code.
102 |
103 | ```
104 | {
105 | method: 'POST',
106 | path: '/account/login',
107 | handler: AccountHandlers.loginUser,
108 | config: {
109 | // Include this API in swagger documentation
110 | tags: ['api'],
111 | description: 'A user can login',
112 | notes: 'The user login will return a sessionToken',
113 | validate: {
114 | payload: {
115 | //username required with same regex as client
116 | username: Joi.string().regex(CONFIG.validation.username).required(),
117 | //password required with same regex as client
118 | password: Joi.string().regex(CONFIG.validation.password).required()
119 | }
120 | }
121 | }
122 | },
123 | ```
124 |
125 |
126 | ### MongoDb
127 | Mongodb will host our documents, namely User information, at this
128 | time. We'll be using **Mongoose** for interacting with Mongo within
129 | our code.
130 |
131 | Once you're ssh'd into Openshift via ```rhc ssh -a mysnowflake```, you
132 | can use the ```mongo``` shell.
133 |
134 |
135 | ### Redis
136 | Redis is fantastic for key,value pair access. We're using it here for
137 | "Black Listing Json Web Tokens". You can read about this concept here [https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/](https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/)
138 |
139 |
140 | ### Swagger
141 | Swagger provides the api documentation - simply augmenting the
142 | endpoints generates a page showing all the API access points.
143 |
144 | Shown below is the generated API documentation -
145 |
146 | 
147 |
148 | NOTE: you can test the APIs directly from the browser with the forms that Swagger provides!
149 |
150 | 
151 |
152 | ### Jason Web Token
153 |
154 | JWT is used in the Authentication as a Session Token. You can read the docs [here](http://bartonhammond.github.io/snowflake-hapi-openshift/src/auth/jwt-strategy.js.html) showing how it's setup.
155 |
156 |
157 | ### JMeter
158 |
159 | Using JMeter allowed me to performance test the API. I created a test suite with JMeter as shown below and debugged the script by running locally. Once I was satisfied, I changed the ```HTTP Request Defaults``` and uploaded to BlazeMeter for testing.
160 |
161 | Shown below is the script defined in JMeter
162 |
163 | 
164 |
165 | ### BlazeMeter
166 | BlazeMeter was used to perform the tests as it is much better equipped to host the threads then my personal mac.
167 |
168 |
169 |
171 |
172 |
173 | The following screens show the results of running 50 concurrent users performing the following actions with a 1 second delay between each action:
174 |
175 | * **register** - Register with username, password, and email
176 | * **login** - Usename, password sued to login
177 | * **restricted access** - access a page requiring SessionToken
178 | * **profile/account/me** - show my profile
179 | * **profile/account/{_id}** - update the profile defined by _id
180 |
181 | **Original Test Configuration**
182 | 
183 |
184 | **Overview**
185 | 
186 |
187 | **Timeline Report**
188 | 
189 |
190 | **Load Report**
191 | 
192 |
193 | **Aggregate Report**
194 | 
195 |
196 | **Monitoring Report**
197 | 
198 |
199 | -------------------
200 |
201 |
202 | ## Setup
203 |
204 | Below are the instructions for setting up the server on your local machine. These instructions work fine on the Mac - no promise is made for other OSs.
205 |
206 | * **Pre-setup step**: We are using **NodeMailer** and if you use a Gmail account, be sure to follow the steps below from [https://github.com/nodemailer/nodemailer](https://github.com/nodemailer/nodemailer)
207 |
208 |
209 | > You may need to "Allow Less Secure Apps" in your gmail account (it's all the way at the bottom). You also may need to "Allow access to your Google account"
210 |
211 |
212 |
213 | ### Locally (one time only setup)
214 | ----------------------------------------------------------
215 | * Install Mongo db
216 | [https://www.mongodb.org/downloads#production](https://www.mongodb.org/downloads#production)
217 | * to start, ```sudo mongod```
218 |
219 | * Install Redis
220 |
221 | * I used Redis 2.18.24, which is what's installed on OpenShift
222 | * down load and unzip [http://download.redis.io/releases/redis-2.8.24.tar.gz](http://download.redis.io/releases/redis-2.8.24.tar.gz)
223 |
224 | ```
225 | cd redis-2.8.24
226 | make
227 | cd src/
228 | ./redis-server
229 | ```
230 |
231 | * Update ip in config file w/ ip from `ifconfig`
232 | Example:
233 | ```
234 | hapi: {
235 | port: 5000,
236 | ip: '192.168.0.5'
237 | }ik
238 |
239 | ```
240 |
241 | * Update Snowflake ```src/lib/config.js``` w/ same ip from step above
242 | Example:
243 | ```
244 | HAPI: {
245 | local: {
246 | url: 'http://192.168.0.5:5000'
247 | },
248 | remote: {
249 | url: 'enter your remote url here'
250 | }
251 | }
252 | ```
253 |
254 | * Then in different terminal, inside mysnowflake,
255 |
256 | ```
257 | npm start
258 | ```
259 |
260 |
261 | ### OpenShift
262 |
263 | Watch the following video to see all the steps to install the **Hapi nodes server to Openshift** in action:
264 |
265 |
267 |
268 |
269 | ----------------------------------------------------------
270 |
271 | * Create an account at http://openshift.redhat.com/
272 |
273 | * Install the command line tool ```rhc```
274 |
275 | * [https://developers.openshift.com/en/managing-client-tools.html](https://developers.openshift.com/en/managing-client-tools.html)
276 |
277 | * Create a namespace, if you haven't already done so via the web interface
278 |
279 | ```
280 | rhc domain create Thanks for Registering on" 54 | + " " 55 | + CONFIG.email.accountName 56 | +"
Please verify your email by clicking on the"
57 | + " verification link below.
Verification Link
A reset password action has been requested from" 75 | + " " 76 | + CONFIG.email.accountName 77 | +"
Please click on the "
78 | + " reset password link below.
"
79 | + " The link is only available for 15 minutes.
"
80 | + "Reset Password Link
';
38 | // Add env entries.
39 | for (var k in process.env) {
40 | content += ' ' + k + ': ' + process.env[k] + '\n';
41 | }
42 | content += '}\n