Persistence. SWE 432, Fall 2017 Design and Implementation of Software for the Web

Similar documents
Persistence & State. SWE 432, Fall 2016 Design and Implementation of Software for the Web

NoSQL & Firebase. SWE 432, Fall Web Application Development

Backend Development. SWE 432, Fall 2017 Design and Implementation of Software for the Web

Backend Development. SWE 432, Fall Web Application Development

What is Node.js? Tim Davis Director, The Turtle Partnership Ltd

Tools. SWE 432, Fall Design and Implementation of Software for the Web

Cookies, sessions and authentication

Sessions. Mendel Rosenblum. CS142 Lecture Notes - Sessions

Security. SWE 432, Fall 2017 Design and Implementation of Software for the Web

IERG Tutuorial 5. Benedict Mak

Microservices. SWE 432, Fall 2017 Design and Implementation of Software for the Web

CSc 337 LECTURE 16: WRITING YOUR OWN WEB SERVICE

We are assuming you have node installed!

Node.js. Node.js Overview. CS144: Web Applications

CMSC 332 Computer Networking Web and FTP

Computer Networks. Wenzhong Li. Nanjing University

Managing State. Chapter 13

Web, HTTP and Web Caching

Lecture 9a: Sessions and Cookies

Security and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web

Tuesday, January 13, Backend III: Node.js with Databases

Express.JS. Prof. Cesare Pautasso Modularity

Large-Scale Web Applications

Full Stack boot camp


Cloud Help for Community Managers...3. Release Notes System Requirements Administering Jive for Office... 6

Introduction. Server-side Techniques. Introduction. 2 modes in the PHP processor:

Distributed Architectures & Microservices. CS 475, Spring 2018 Concurrent & Distributed Systems

Web Application Development

8.0 Help for Community Managers Release Notes System Requirements Administering Jive for Office... 6

Module 6 Node.js and Socket.IO

INTERNET ENGINEERING. HTTP Protocol. Sadegh Aliakbary

Homework 8: Ajax, JSON and Responsive Design Travel and Entertainment Search (Bootstrap/Angular/AJAX/JSON/jQuery /Cloud Exercise)

Best Practices. For developing a web game in modern browsers. Colt "MainRoach" McAnlis

Lecture 7b: HTTP. Feb. 24, Internet and Intranet Protocols and Applications

NODE.JS SERVER SIDE JAVASCRIPT. Introduc)on Node.js

Review of Previous Lecture

RESTful APIs ECS 189 WEB PROGRAMMING. Browser s view. Browser s view. Browser s view. Browser s view. Which will It be for photobooth?

CSC 4900 Computer Networks:

1-1. Switching Networks (Fall 2010) EE 586 Communication and. September Lecture 10

CPET 499/ITC 250 Web Systems. Topics

Future Web App Technologies

CS144: Sessions. Cookie : CS144: Web Applications

HyperText Transfer Protocol

From the Beginning: Your First Node.js Web Service

Investigating Source Code Reusability for Android and Blackberry Applications

Security. CSC309 TA: Sukwon Oh

Microservices without the Servers: AWS Lambda in Action

WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang

Outline. 1. Load Testing 2. Frontend Tips 3. Server-side Tips

C exam. Number: C Passing Score: 800 Time Limit: 120 min IBM C IBM Cloud Platform Application Development

How to perform the DDoS Testing of Web Applications

Catbook Workshop: Intro to NodeJS. Monde Duinkharjav

Backend IV: Authentication, Authorization and Sanitization. Tuesday, January 13, 15

Lecture 6 Application Layer. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Scaling DreamFactory

Approaches for application request throttling. Maarten

Computer Networks. HTTP and more. Jianping Pan Spring /20/17 CSC361 1

USER GUIDE. LitExtension: YAHOO STORE to Magento Migration Tool

Extra Notes - Data Stores & APIs - using MongoDB and native driver

This tutorial is meant for software developers who want to learn how to lose less time on API integrations!

CS4/MSc Computer Networking. Lecture 3: The Application Layer

CNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies

Lesson 4: Web Browsing

Developing Applications with Alfresco s Unified REST APIs. Will Abson, Alfresco

5/19/2015. Objectives. JavaScript, Sixth Edition. Saving State Information with Query Strings. Understanding State Information

Teacher s Update Guide

CS 43: Computer Networks. HTTP September 10, 2018

VINEPILOT. Project Design Specification. v2.0 - The Savvy-gnon Team

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

CS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.

Excerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt

Prototyping a Social Network. AngularJS: Firebase integration with AngularFire

Administering Jive Mobile Apps

Client Side JavaScript and AJAX

CS 498RK FALL RESTFUL APIs

Oracle SQL Developer & REST Data Services

HTTP Authentication API

Topic 15: Authentication

Running and Debugging Custom Components Locally

Beginner s Guide to Cordova and Mobile Application Development

PaaS Cloud mit Java. Eberhard Wolff, Principal Technologist, SpringSource A division of VMware VMware Inc. All rights reserved

Drupal Frontend Performance & Scalability

How to Configure Authentication and Access Control (AAA)

RKN 2015 Application Layer Short Summary

Human-Computer Interaction Design

Assignment: Seminole Movie Connection

Executive Summary. Performance Report for: The web should be fast. How does this affect me?

Micro Focus Enterprise View. Installing Enterprise View

Beyond Cookies: Persistent Storage for Web Applications. Brad Neuberg Google

Aaron Bartell Director of IBM i Innovation

Administering Jive Mobile Apps for ios and Android

Unifer Documentation. Release V1.0. Matthew S

Application Layer: The Web and HTTP Sec 2.2 Prof Lina Battestilli Fall 2017

Chapter 2 Application Layer

FAQ: Privacy, Security, and Data Protection at Libraries

Server execution of JavaScript: What could possibly go wrong?

CLIENT SERVER ARCHITECTURE:

JSN PageBuilder 2 User Manual

Privacy and Security in Online Social Networks Department of Computer Science and Engineering Indian Institute of Technology, Madras

Transcription:

Persistence SWE 432, Fall 2017 Design and Implementation of Software for the Web

Today Demo: Promises and Timers What is state in a web application? How do we store it, and how do we choose where to store it? 2

Demo: Promises and Timers 3

What is state in a web app?

Application State All data in an application What kinds of data are we concerned about? What user is logged in? What interactions have they had with us before? What data have they given us? What data have others given us? Where do we store all of these things? 5

State: Example Amazon.com Home page Login Browse Add to cart Still logged in Still logged in LaToza GMU SWE 432 Fall 2017 visit amazon.com Still logged in, still have cart 6

HTTP is stateless Web Frontend Backend HTTP Request HTTP GET https://www.amazon.com HTTP Request HTTP GET https://www.amazon.com/kakanuo-led- Dimmable-Bi-pin-72X3014SMD/dp/B01FHKDQ58/ ref=pd_sim_60_1? _encoding=utf8&pd_rd_i=b01fhkdq58&pd_rd_r=ywcc63ert FEMK3E7F3H6&pd_rd_w=o3wIl&pd_rd_wg=dMfnr&psc=1&refR ID=YWCC63ERTFEMK3E7F3H6 Each request / response pair is independent of previous request / response pair Frontend cannot assume that it is making request to the same server. Might be load balanced, crash,... 7

Where to persist application state? Many options Goals: Cost Efficiency Stability Web Front End Our Node Backend Storage provider 8

Where to persist application state? Should consider how often we need to show it to the user, and how permanently we need to store it Examples: What user is logged in? (Transient, relevant to user and backend) What s in my shopping cart? (Semi-transient, relevant to user and backend) What products am I looking at? (Transient, relevant to user) What are all of the products (Long-term, parts are relevant to users) Frontend (browser) Backend (webserver) Storage provider 9

Where to persist application state URL and query parameters Really small amounts of data Data that should be changed through forward/back buttons in browser Frontend Data we might need to show again soon Fairly small (KB s or few MBs, not 100 MB s or GB s) Data we don t care about going away or being maliciously manipulated In memory on backend Data that we are working with that will fit in memory (MB s probably not GB s) Transient data that can disappear if the server crashes Cache or index of data stored on backend disk, database, or storage provider On backend disk or database Data we need persisted permanently Data that only needs to be used by single server Storage provider Data we need persisted "permanently" Data that we need to share across multiple servers 10

Frontend State: Cookies String associated with a name/domain/path, stored at the browser Series of name-value pairs, interpreted by the web application Create in HTTP response with Set-Cookie: In all subsequent requests to this site, until cookie s expiration, the client sends the HTTP header Cookie: Often have an expiration (otherwise expire when browser closed) Various technical, privacy and security issues Inconsistent state after using back button, third-party cookies, cross-site scripting, 11

Cookies and Requests Web Front End HTTP Request HTTP Response HTTP Request HTTP Response HTTP Request HTTP Response HTTP/1.1 200 OK... Set-Cookie: class=swe432... GET / HTTP/1.1... Cookie: class=swe432... GET / HTTP/1.1... Cookie: class=swe432... Back End 12

Cookies & NodeJS cookie-parser enables reading and writing cookies npm install cookie-parser let cookieparser = require('cookie-parser'); Stateful Hello World const express = require('express'); const cookieparser = require('cookie-parser'); const app = express(); app.use(cookieparser()); app.get('/', (req, res) => { if(req.cookies.hellosent == "true") res.send("i already said hello to you!"); else res.cookie("hellosent","true").send('hello World!'); }); app.listen(3000); 13

Persisting more complex state The most cookies you can have: 4KB (TOTAL per DOMAIN) Old solution Cookie is a key to some data stored on server When client makes a request, server always includes this extra data being stored on server What s wrong with this old solution? Really slow For every request Client passes key to server using cookie loads data corresponding to key Client downloads data as part of HTTP response 14

Frontend State with LocalStorage HTML5 added support for persisting larger data on the frontend localstorage (Persists forever) sessionstorage (Persists until tab is closed) To use localstorage and sessionstorage setitem( key","value"); getitem( key ); var id = localstorage.getitem( userid ); Can store any string All pages in the same domain see the same localstorage and sessionstorage Alternatively: SQLite (SQL DB) that you can use in JS 15

Persisting state on the backend

Storing state in a global variable Global variables var express = require('express'); var app = express(); var port = process.env.port 3000; var counter = 0; app.get('/', function (req, res) { res.send('hello World has been said ' + counter + ' times!'); counter++; }); app.listen(port, function () { console.log('example app listening on port' + port); }); Pros/cons? Keep data between requests Goes away when your server stops Should use for transient state or as cache 17

What forms of data might you have Key / value pairs JSON objects Tabular arrays of data Files 18

Options for backend persistence Where it is stored On your server or another server you own SQL databases, NoSQL databases File system Storage provider (not on a server you own) BLOB store NoSQL databases: Next time 19

Blobs: Storing uploaded files Example: User uploads picture and then? somehow process the file? 20

How do we store our files? Dealing with text is easy - we already figured out firebase Could use other databases too but that s another class! But What about pictures? What about movies? What about big huge text files? Aka Binary Large OBject (BLOB) Collection of binary data stored as a single entity Generic terms for an entity that is array of bytes 21

Working with Blobs Module: express-fileupload Simplest case: take a file, save it on the server app.post('/upload', function(req, res) { var samplefile; samplefile = req.files.samplefile; samplefile.mv('/somewhere/on/your/server/filename.jpg', function(err) { if (err) { res.status(500).send(err); } else { res.send('file uploaded!'); } }); }); Long story... can't app.use(body-parser) when you are handling file uploads. Instead: app.use(express.json()).use(express.urlencoded()); 22

Where to store blobs Saving them on our server is fine, but What if we don't want to deal with making sure we have enough storage What if we don't want to deal with backing up those files What if our app has too many requests for one server and state needs to be shared between load-balanced servers What if we want someone else to deal with administering a server 23

Blob stores Amazon, Google, and others want to let you use their platform to solve this! Distributes file Client Client Uploads file Node Backend Client Client Client Google Cloud Client Client 24

Blob Stores Uploads file Client Node Backend Returns link Google Cloud Typical workflow: Client uploads file to your backend Backend persists file to blob store Backend saves link to file, e.g. in Firebase LaToza/Bell GMU SWE 432 Fall 2016 25

Google Cloud Storage You get to store 5GB for free Setup npm install --save @google-cloud/storage var storage = require('@google-cloud/storage'); var fs = require('fs'); // Authenticating on a per-api-basis. You don't need to do this if you auth on a // global basis (see Authentication section above). var gcs = storage({ projectid: 'grape-spaceship-123', keyfilename: '/path/to/keyfile.json' }); // Create a new bucket. gcs.createbucket('my-new-bucket', function(err, bucket) { if (!err) { // "my-new-bucket" was successfully created. } }); https://www.npmjs.com/package/google-cloud 26

Google Cloud Storage // Reference an existing bucket. var bucket = gcs.bucket('my-existing-bucket'); // Upload a local file to a new file to be created in your bucket. bucket.upload('/photos/zoo/zebra.jpg', function(err, file) { if (!err) { // "zebra.jpg" is now in your bucket. } }); // Download a file from your bucket. bucket.file('giraffe.jpg').download({ destination: '/photos/zoo/giraffe.jpg' }, function(err) {}); 27

Exercise: Where to Persist You are building a news aggregator site and want to recommend articles based on past articles the user has clicked on. Where should you persist this? 28

Exercise: Where to Persist You are building a shopping app and need to track a shopping card. How might you persist this? 29

Where to persist application state Frontend Data we might need to show again soon Fairly small (KB s or few MBs, not 100 MB s or GB s) Data we don t care about going away or being maliciously manipulated In memory on backend Data that we are working with that will fit in memory (MB s probably not GB s) Transient data that can disappear if the server crashes Cache or index of data stored on backend disk, database, or storage provider On backend disk or database Data we need persisted permanently Data that only needs to be used by single server On storage provider Data we need persisted "permanently" Data that we need to share across multiple servers 30

Readings for next time Firebase Get Started https://firebase.google.com/docs/database/web/ start Firebase Structure Data https://firebase.google.com/docs/database/web/ structure-data Firebase Read and Write Data https://firebase.google.com/docs/database/web/ read-and-write 31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback