Node.js is also praised for its scalability and this is what has grabbed the attention of the larger corporates. It can easily handle large volumes of simultaneous requests without burning down the servers. The flexibility of development across platforms is another point in its favor. However, despite its many benefits, it does have some problem areas and incorrect usage simply adds to them. This is where Node.js gets its ‘complicated ’ label from. In reality, the solution may involve tweak in coding practices or incorporating different approaches to building APIs.
To offer further insight into these practices and address common shortcomings, here are a few dos and don’ts to keep in mind.
Pick the right framework
When developing APIs, find the one that suits your use best. For instance, Restify excels in building REST services, whereas Express works wonders with web apps. Different frameworks have their own features and you shouldn’t restrict yourself to those you’re familiar with if the job can be done more efficiently with another tool.
Practice forward-compatible attribute naming
The objects in your API responses will have attribute names, which shouldn’t be picked out without giving it a fair bit of thought. Consider the future use of the API and ensure that the name doesn’t break flow or pose problems as updates roll out. Another key point to remember when naming is that adding new fields to an object doesn’t affect compatibility, but changing the type does. So, pick wisely when you do decide to name an attribute.
Create API documentation
Node.js REST APIs can be used quite extensively, but in order to share these, you need to provider other developers with API documentation. This is crucial and you should consider its importance when you decide to use APIs written by someone else. Work on this healthy practice and use either ‘Swagger’ or ‘API Blueprint’, both open-source projects, to create documentation easily.
Follow the ‘Robustness’ principle
The ‘Robustness’ principle is to be conservative with what you do and be liberal with what is accepted by others. The best example of this principle in action is when dealing with HTTP headers. When responding to the client, the principle states that you should use the preferred header casing. However, with any incoming HTTP headers, you should normalise them into a consistent format, thus making it easier to interpret the values. Apply the principle on a case-by-case basis as there are situations that could lead to errors that are hard to debug.
Block your event loop
Take encryption lightly
While the ‘md5’ algorithm is still quite popular, don’t make the mistake of assuming it is all you need in terms of security. The golden rule, and one you’ll do well to never forget, is that you should always assume that the server will be compromised. The when of it all is a non-issue, but preparing for the inevitable breach is the principle to keep in mind. Naturally, this is a tedious process but one that is well worth it, especially when it comes to user credentials.
Customers trust you with their personal credentials and subpar security measures put a great deal at risk. This is why it is important to employ a more robust and reliable password hashing algorithm. These include:
Such algorithms protect against brute-force attacks and even make the server or application resistant to these in some ways.
Invoke multiple callbacks
The problem here is that these developers may be viewing a callback as the end point of the function. As such, there is potential for error and or ‘callback hell’, which is when the code has several complex nested callbacks, often representing a pyramid pattern. In such situations, code is harder to debug as each callback has an argument in the previous callbacks. Thus, errors in any one function impacts all that follow. Naturally, this should be avoided at all costs.
It may be interesting to also note that there is a workaround for this. Developers may add a ‘return’ before the callback to keep from invoking multiple times. However, since the return statement has almost no significance, it helps avoid the problem too!
Confuse floating points and integer data types
The main reason for this is that operators work differently with the data types. So, during development, if you find yourself needing to work with larger numbers, the ideal solution is to include or utilise a big integer library. These will have the necessary operations to give you the desired results on large precision numbers.
Arming yourself with the right practices when developing using Node.js is easier said than done, but these pointers can help a great deal. In fact, it can help you develop code more efficiently and take your career as a Node.js developer to the next level. To take that step seamlessly and work amongst the best in the industry, sign up with Talent500. Our specialised skill-assessment algorithms is equipped to align your profile with job opening at some of the top Fortune 500 companies.