339 |
340 | Note how the test script has a `-c` (_coverage_) flag above
341 | this give us the **code coverage**.
342 |
343 | We have **100% code coverage** so we can move on to our next test/feature!
344 |
345 | > How do you think we would write a test for an error?
346 | > (hint: have a look inside ./test/test.js and see the second test :)
347 |
348 | ### Note on Testing: Tape is _Simpler_ than Lab+Code
349 |
350 | > *While* ***Lab*** *is really* ***Good*** *and is the "official" testing
351 | framework used by Hapi*, *we* ***prefer***
352 | *the* ***simplicity***
353 | > *of* [***tape***](https://github.com/substack/tape);
354 | > we find our tests are simpler to write/read/understand. #YMMV
355 | > Also we *prefer* to use a *separate* & *specialised* module for tracking
356 | test coverage: [istanbul](https://github.com/dwyl/learn-istanbul)
357 | which we find does a [better job](https://github.com/hapijs/lab/issues/401) at tracking coverage...
358 |
359 | The preceding `Lab` test can be re-written (*simplified*) in `Tape` as:
360 |
361 | ```js
362 | const test = require('tape');
363 | const server = require("../index.js"); // our index.js from above
364 |
365 | test("Basic HTTP Tests - GET /{yourname*}", async function(t) { // t
366 | const options = {
367 | method: "GET",
368 | url: "/Timmy"
369 | };
370 | // server.inject lets you similate an http request
371 | const response = await server.inject(options);
372 | t.equal(response.statusCode, 200); // Expect http response status code to be 200 ("Ok")
373 | t.equal(response.result.length, 12); // Expect result to be "Hello Timmy!" (12 chars long)
374 | await server.stop();
375 | t.end(); // t.end() is required to end the test in tape
376 | });
377 | ```
378 | These tests are *functionally equivalent* in that they test *exactly* the
379 | same *outcome*. Decide for yourself which one you prefer for readability
380 | and maintainability in your projects.
381 | For our **Tape Tutorial** see: https://github.com/dwyl/learn-tape
382 |
383 |
384 | #### Related Links
385 |
386 | - Lab github module: https://github.com/hapijs/lab
387 | - Is TDD Dead? https://www.youtube.com/watch?v=z9quxZsLcfo (hint: no!)
388 | - Getting Started with HapiJS and Testing: https://blog.abcedmindedness.com/2014/10/getting-started-with-hapijs-and-testing.html (on hapi v8.0)
389 |
390 | ## Continuous Integration
391 |
392 | Making sure your code is working as you expect it to (over time).
393 |
394 | ### Integrating Hapi with Travis CI
395 |
396 | If you are new to Travis-CI or need a refresher see: https://github.com/dwyl/learn-travis
397 |
398 | We have Travis-CI enabled for all our hapi.js based projects:
399 | + https://github.com/dwyl/hapi-socketio-redis-chat-example
400 | + https://github.com/dwyl/hapi-auth-jwt2
401 | + https://github.com/dwyl/time
402 | + https://github.com/dwyl/api
403 |
404 | So if you need an example to follow, check out our repos!
405 | And as always, if you have _any questions, **ask**_!
406 |
407 | ### Error Handling with Boom
408 |
409 | [Boom](https://github.com/hapijs/boom) makes custom errors easier in Hapi.
410 | Imagine you have a page or item of content (photo, message, etc.) that
411 | you want to protect from public view (only show to someone who is logged in).
412 |
413 | First **install boom**:
414 |
415 | `npm install boom --save`
416 |
417 | Next write another test in ./test/**test.js**
418 | (If you aren't used to "Test First" - ***trust*** the process...)
419 |
420 | ```js
421 | lab.experiment("Authentication Required to View Photo", function() {
422 | // tests
423 | lab.test("Deny view of photo if unauthenticated /photo/{id*} ", async function() {
424 | const options = {
425 | method: "GET",
426 | url: "/photo/8795"
427 | };
428 | // server.inject lets you simulate an http request
429 | const response = await server.inject(options);
430 | Code.expect(response.statusCode).to.equal(401); // Expect http response status code to be 200 ("Ok")
431 | Code.expect(response.result.message).to.equal("Please log-in to see that"); // (Don't hard-code error messages)
432 | });
433 | });
434 | ```
435 |
436 | When you run `npm test` you will see a fail:
437 |
438 | 
439 |
440 | Next we want to make this test pass and we'll use Boom to get our custom error message.
441 |
442 | The wrong way of doing this is to explicitly hard-code the response for this route.
443 | The right way is to create a generic route which responds to any request for a photo with any id.
444 | And since we don't currently have any authentication set up, we ***mock*** (fake) it.
445 | (Don't worry we will get to the authentication in the next step...)
446 |
447 | ```js
448 | const Boom = require('boom');
449 | server.route({
450 | method: 'GET',
451 | path: '/photo/{id*}',
452 | config: { // validate will ensure `id` is valid before replying to your request
453 | validate: { params: { id: Joi.string().max(40).min(2).alphanum() } },
454 | handler: function (req, h) {
455 | // until we implement authentication we are simply returning a 401:
456 | return Boom.unauthorized('Please log-in to see that');
457 | // the key here is our use of the Boom.unauthorised method
458 | }
459 | }
460 | });
461 | ```
462 |
463 | Our test passes but the point was to show that returning errors
464 | with specific messages is *easy* with **Boom**.
465 |
466 | 
467 |
468 | Have a look at https://github.com/hapijs/boom for more error response options.
469 | We will be using these later as we build our app.
470 | Let's move on to authentication.
471 |
472 | > For a more _user-friendly_ approach to error-handling see: https://github.com/dwyl/hapi-error
473 |
474 |
475 | ### Logging with `good`
476 |
477 | Application logging can often be an _afterthought_ developers only implement
478 | _after_ they have a production bug which is crashing their API/App and
479 | they are scrambling to try and "debug" it.
480 |
481 | Thankfully, it Hapi has first-class support for logging with the `good` module.
482 |
483 | We have written a little example you can use to get started:
484 | [examples/hellogood.js](https://github.com/dwyl/learn-hapi/blob/master/examples/hellogood.js)
485 |
486 | Run it locally with `node examples/hellogood.js` then visit http://localhost:3000/hello/yourname in your browser.
487 |
488 | _Note: Good is not yet compatible with Hapi 17, so this code will only run if you are using v16. [See here for more details](#hapi-v16)_
489 |
490 | You should expect to see something like this:
491 | 
492 |
493 | There are good examples including logging use http (e.g. to a 3rd party logging tool)
494 | in the Good repo: https://github.com/hapijs/good/tree/master/examples
495 |
496 | Again, if you have _any_ questions, [_ask_](https://github.com/dwyl/learn-hapi/issues)
497 |
498 |
499 | ### Authentication
500 |
501 | Authentication is the process of determining whether someone
502 | or something is, in fact, who or what it is declared to be.
503 |
504 | Authentication (or "Auth") is something many *novice* (*naive*?)
505 | developers attempt to write themselves. (I was once that kid...
506 | trust me, we have *bigger fish to fry*, use a well-written/tested library!)
507 |
508 | We have 4 options:
509 |
510 | 1. Google - If you are building an "enterprise" or "education" app
511 | which you know will be used in Google-enabled companies/schools we
512 | wrote a Hapi plugin: https://github.com/dwyl/hapi-auth-google which
513 | lets you include Google Login in your app in a few clear steps. The plugin uses the [***Official Google Node.js API Client***](https://github.com/google/google-api-nodejs-client) and is
514 | written to be as readable as possible for complete beginners.
515 | 2. EveryAuth - Specific to Connect/Express apps: https://github.com/bnoguchi/everyauth
516 | 3. [Passport.js](https://github.com/jaredhanson/passport) - ***100% Code Coverage*** and *many* excellent integrations https://passportjs.org/guide/providers/
517 | 4. Bell - the 3rd party Login Hapi.js Plugin is *good* however we found it
518 | *lacking in documentation/usage examples*, which is why we wrote
519 | our own (*simpler*) Auth Plugin *specific* to our projects.
520 | see: [https://github.com/**dwyl**?query=**auth**](https://github.com/dwyl?utf8=%E2%9C%93&query=auth)
521 |
522 |
523 | #### Bell
524 |
525 | The go-to solution for 3rd party authentication in hapi is bell: https://github.com/hapijs/bell.
526 | There are a few good examples in the repo: https://github.com/hapijs/bell/tree/master/examples.
527 |
528 |
529 | ### Caching with Catbox
530 |
531 | Most apps don't _need_ caching from "Day 1"
532 | (_because you don't **know** upfront where your app's bottlenecks are going to be..._).
533 |
534 | But, once again, the team that brought you Hapi.js have _solved_ the problem of caching,
535 | see: https://github.com/hapijs/catbox/ and https://hapijs.com/tutorials/caching
536 | > We use Redis for blazing fast application and data caching.
537 | Hapi.js Catbox makes this very easy!
538 |
539 |
540 |
541 | ### Using Socket.io with Hapi for Real-Time Apps
542 |
543 | Using Socket.io with Hapi.js could _not_ be easier!
544 | To help you get started we've built a fully-functional chat application with tests (now [featured on the hapijs.com Resources page](https://hapijs.com/resources#Tutorials)),
545 | which demonstrates the power of Real-Time data-synching in your apps.
546 |
547 | > https://github.com/dwyl/hapi-socketio-redis-chat-example
548 |
549 | ## Hapi v16
550 | There were some major changes introduced to Hapi when version 17 was released. For a full list, see [the version 17 release notes](https://github.com/hapijs/hapi/issues/3658), but here are the major differences relevant to this guide:
551 | * Callbacks replaced with `async` functions. This means that instead of passing a callback to the function, and having that called when the function is finished, hapi functions return a promise that can either be resolved, or called synchronously with `await`. For more on `async` functions, see [MDN](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/async_function) and [this guide](https://ponyfoo.com/articles/understanding-javascript-async-await)
552 | * `server.connection()` replaced with options passed directly into the server when it's created. A small change, but important to update. Before, we created our server with:
553 | ```js
554 | var server = new Hapi.server();
555 | ```
556 | and passed our options to:
557 | ```js
558 | server.connection({port: 8000});
559 | ```
560 | Now, we just pass our options straight away, and no longer need to call the connection method:
561 | ```js
562 | const server = new Hapi.server({port: 8000});
563 | ```
564 | * `reply()` interface replaced with a new lifecycle methods interface. You no longer have to call reply when sending a response from a handler. You can now just:
565 | ```js
566 | return "your reply";
567 | ```
568 | And the reply parameter to your handler has been replaced with a response toolkit (h) containing helpers from hapi core and your plugins.
569 |
570 | Not all of the hapi plugins have been updated to work with v17 yet (For example [Bell](https://github.com/hapijs/bell/issues/330), and [Good](https://github.com/hapijs/good/issues/568)), so be careful if you decide to upgrade an existing project.
571 |
572 | The previous version of this tutorial and code examples for Hapi 16 can be found here: https://github.com/dwyl/learn-hapi/tree/b58495ea002a9f3f8af8d183f6004d2b483f4591
573 |
574 | ## Please Suggest Improvements! [](https://github.com/dwyl/learn-hapi/issues)
575 |
576 | If you want to extend this tutorial or simply request additional sections,
577 | open an issue on GitHub: https://github.com/dwyl/learn-hapi/issues
578 |
579 |
580 | ## Background Reading / Watching
581 |
582 | - GitHub Repo: https://github.com/hapijs/hapi (has documentation)
583 | - An ecosystem of tools and best practices for the working hapijs developer (up-to-date with last version of hapi): https://hapipal.com/ https://hapipal.com/getting-started
584 |
585 | - Restify vs Express performance: https://stackoverflow.com/questions/17589178/why-should-i-use-restify
586 | - REST API in Express: https://pixelhandler.com/posts/develop-a-restful-api-using-nodejs-with-express-and-mongoose
587 | - Hapi API Reference: https://github.com/hapijs/hapi/blob/master/API.md
588 |
589 |
590 | ### Video Intro
591 |
592 | - Hapi.js and why it's awesome: https://www.youtube.com/watch?v=ZI9wXL-add0&t=2m5s
593 | - Hapi overview: https://www.youtube.com/watch?v=Recv7vR8ZlA (old version but concepts still relevant)
594 |
595 | ### Tutorials
596 |
597 | - Hapi Boilerplate app: https://github.com/poeticninja/hapi-ninja [updated for hapi 8.0]
598 | - Building APIs with Hapi and MongoDB: https://speakerdeck.com/donnfelker/building-web-apis-with-hapi-dot-js-and-mongodb-mongoose
599 | - Repo for the above speakerdeck: https://github.com/donnfelker/hapi-mongodb-example
600 | - Micro-tutorial: https://github.com/hapijs/makemehapi
601 | - https://stackoverflow.com/questions/21455076/hapi-and-node-js-to-create-a-rest-api-server
602 | - Hapi + Twilio (sms): https://code.tutsplus.com/tutorials/creating-a-node-web-app-with-hapi-and-twilio-integration--cms-20769
603 | - Authentication: https://github.com/hapijs/hapi-auth-cookie
604 | - A few examples: https://github.com/andyroyle/hapi-examples
605 | - More examples: https://github.com/wpreul/hapikc (*very old* version of Hapi!)
606 | - BDD with Hapi and Lab: https://gist.github.com/thebillkidy/10a11fed1bf61d04c3c5 (*old* version of Hapi!)
607 | + If you like React.js checkout Mullet.js (Hapi.js + React.js):
608 | https://mullet.io/ + https://github.com/lynnaloo/mullet
609 | + If you have an *existing* ***Express*** App and are thinking of
610 | migrating to Hapi, read: https://matt-harrison.com/moving-from-express-to-hapi-js/
611 |
612 | Selected StackOverflow Questions & Answers:
613 | - https://stackoverflow.com/questions/22934340/hapi-js-api-authentication
614 | see: https://stackoverflow.com/a/33877047/1148249 (*answer*)
615 | - https://stackoverflow.com/questions/22985392/how-do-you-make-a-hapi-js-plugin-module
616 | see: https://stackoverflow.com/a/25135343/1148249 (*answer*)
617 | - https://stackoverflow.com/questions/18343509/hapi-js-with-socket-io-where-is-socket-io-js
618 | see: https://stackoverflow.com/a/33876615/1148249 (*answer*
619 |
620 |
621 | [npm-image]: https://img.shields.io/npm/v/hapi.svg?style=flat
622 | [npm-url]: https://npmjs.org/package/learn-hapi
623 |
--------------------------------------------------------------------------------
/TLDR.md:
--------------------------------------------------------------------------------
1 | # Note: Hapi was built by Walmart
2 |
3 | 
4 |
5 | Hapi was (_originally_) built by (_the fantastic team of people assembled by [@hueniverse](https://github.com/hueniverse)_) [@WalmartLabs](https://en.wikipedia.org/wiki/@WalmartLabs)
6 | for Walmart.
7 |
8 | [Walmart](https://en.wikipedia.org/wiki/Walmart) is *by far* the most successful
9 | retailer in the world and they have achieved their success (*in part*) by
10 | investing heavily in their *technological competitive advantage*.
11 |
12 | If you are not keen on Walmart for any of
13 | [these](https://en.wikipedia.org/wiki/Criticism_of_Walmart) reasons,
14 | at least *consider* the fact that they have open-sourced their full
15 | node stack to allow others to benefit from their hard work.
16 |
17 | I took the time to read *extensively* about Walmart as part of my
18 | Retail course at University
19 | see: [History of Walmart](https://en.wikipedia.org/wiki/History_of_Walmart)
20 | and [In Sam We Trust](https://www.bizsum.com/summaries/sam-we-trust).
21 | The fact is that
22 | [Sam Walton](https://en.wikipedia.org/wiki/Sam_Walton)
23 | achieved *much* of his success through
24 | investing in *technology*
25 | (Barcodes, EPOS, Satellite Uplink for faster IT Systems and Logistics Tracking, etc)
26 | to drive cost savings and passed those savings on to the
27 | customers where other retailers got left behind with their paper-based
28 | "*it still works, why change?*" approach.
29 |
30 | Since Sam's passing the Walmart leadership has compromised its ethics
31 | in favor of maximising profits. This documented in:
32 | [The High Cost Of Low Price](https://www.youtube.com/results?search_query=Wal*Mart+-+The+High+Cost+Of+Low+Price)
33 | and [The Wal-Mart Effect](https://en.wikipedia.org/wiki/The_Wal-Mart_Effect)
34 |
35 | While I think we can/should continue send a
36 | [*clear message*](https://en.wikipedia.org/wiki/Dollar_voting)
37 | to [Bentonville](https://en.wikipedia.org/wiki/Walmart#Corporate_affairs)
38 | by preferring to spend our $¥£€ at Local & Fairtrade retailers where ever possible,
39 | we can still *use* the ***best-in-class*** code the *fantastic engineers*
40 | have built (to meet their *vast* supply-chain and e-commerce needs and
41 | open-sourced) to craft our own software products/projects.
42 |
43 | Using the transport analogy, I don't *like* using fossil fuels to get from A-to-B
44 | because of the CO2 emissions. But I'm *pragmatic* about how I travel
45 | the [thousand miles](https://www.wolframalpha.com/input/?i=distance+from+London+to+Lisbon)
46 | to visit my family twice a year. I could do two weeks by horse-and-cart,
47 | two days by train or two hours by plane each way. Which option do you take...?
48 | By chosing Hapi you are opting for the jet engine.
49 |
50 | Make up your own mind on whether you feel that using code written for Walmart
51 | goes against your ethics. | ID | 567 |Title | 568 |Duration (ms) | 569 |
|---|---|---|
| 1 | 574 |Basic HTTP Tests Main endpoint /{yourname*} 575 | 576 | | 577 |41 | 578 |
| 2 | 581 |Basic HTTP Tests creating valid user 582 | 583 | | 584 |11 | 585 |
| 3 | 588 |Authentication Required to View Photo Deny view of photo if unauthenticated /photo/{id*} 589 | 590 | | 591 |3 | 592 |
| Line | 617 |Lint | 618 |Hits | 619 |Source | 620 |
|---|---|---|---|
| 1 | 625 |626 | | 627 | | // Start this app from your command line with: node hellovalidate.js | 628 |
| 2 | 631 |632 | | 633 | | // then visit: http://localhost:3000/YOURNAME | 634 |
| 3 | 637 |638 | | 639 | | 640 | |
| 4 | 643 |644 | | 1 | 645 |var Hapi = require('hapi'); | 646 |
| 5 | 649 |650 | | 1 | 651 |var Joi = require('joi'); | 652 |
| 6 | 655 |656 | | 1 | 657 |var Boom = require('boom'); | 658 |
| 7 | 661 |662 | | 1 | 663 |var port = 3000; // process.env.PORT || 3000; // allow port to be set by environment | 664 |
| 8 | 667 |668 | | 669 | | 670 | |
| 9 | 673 |674 | | 1 | 675 |var server = new Hapi.Server(); | 676 |
| 10 | 679 |680 | | 1 | 681 |server.connection({ port: port }); | 682 |
| 11 | 685 |686 | | 687 | | 688 | |
| 12 | 691 |692 | | 1 | 693 |server.route({ | 694 |
| 13 | 697 |698 | | 699 | | method: ['GET', 'POST'], | 700 |
| 14 | 703 |704 | | 705 | | path: '/{name*}', | 706 |
| 15 | 709 |710 | | 711 | | config: { // validate will ensure YOURNAME is valid before replying to your request | 712 |
| 16 | 715 |716 | | 717 | | validate: { params: { name: Joi.string().max(40).min(2).alphanum() } }, | 718 |
| 17 | 721 |722 | | 723 | | handler: function (request, reply) { | 724 |
| 18 | 727 |728 | | 1 | 729 |reply('Hai '+ request.params.name + '!'); | 730 |
| 19 | 733 |734 | | 735 | | } | 736 |
| 20 | 739 |740 | | 741 | | } | 742 |
| 21 | 745 |746 | | 747 | | }); | 748 |
| 22 | 751 |752 | | 753 | | 754 | |
| 23 | 757 |758 | | 1 | 759 |server.route({ | 760 |
| 24 | 763 |764 | | 765 | | method: 'GET', | 766 |
| 25 | 769 |770 | | 771 | | path: '/photo/{id*}', | 772 |
| 26 | 775 |776 | | 777 | | config: { // validate will ensure YOURNAME is valid before replying to your request | 778 |
| 27 | 781 |782 | | 783 | | validate: { params: { id: Joi.string().max(40).min(2).alphanum() } }, | 784 |
| 28 | 787 |788 | | 789 | | handler: function (request, reply) { | 790 |
| 29 | 793 |794 | | 795 | | // until we implement authentication we are simply returning a 401: | 796 |
| 30 | 799 |800 | | 1 | 801 |reply(Boom.unauthorized('Please log-in to see that')); | 802 |
| 31 | 805 |806 | | 807 | | } | 808 |
| 32 | 811 |812 | | 813 | | } | 814 |
| 33 | 817 |818 | | 819 | | }); | 820 |
| 34 | 823 |824 | | 825 | | 826 | |
| 35 | 829 |830 | | 1 | 831 |server.start(function() { | 832 |
| 36 | 835 |836 | | 1 | 837 |console.log('Now Visit: http://localhost:' + port + '/YOURNAME'); | 838 |
| 37 | 841 |842 | | 843 | | }); | 844 |
| 38 | 847 |848 | | 849 | | 850 | |
| 39 | 853 |854 | | 1 | 855 |module.exports = server; | 856 |
| 40 | 859 |860 | | 861 | | 862 | |