Teaching How to use Nginx to frontend your backend services with Trusted CA certificates on HTTPS

Now days with the adoption of Serverless architectures, microservices are becoming a great way to breakdown problem into smaller pieces. One situation that is common to find, is multiple backend services running on technologies like NodeJS, Python, Go, etc. that need to be accessible via HTTPS. It is possible to enable these internal microservices directly with SSL over HTTPS, but a cleaner approach is to use a reverse proxy that front ends these microservices and provides a single HTTPS access channel, allowing a simple internal routing.

In this blog, I am showing how simple it is to create this front end with Nginx and leveraging “Let’s encrypt” to generate trusted certificates attached to it, with strong security policies, so that our website can score an A+ on cryptographic SSL tests conducted by third party organizations.

Continue reading “Teaching How to use Nginx to frontend your backend services with Trusted CA certificates on HTTPS”

Teaching how to use MongoDB and expose it via NodeJS APIs

 

Hi, we are starting to use different technologies to build complex scenarios around APIs. It’s getting common to use popular NoSQL DBs like MongoDB.

For this reason, I decided to build this very easy to follow blog that will help you get started with MongoDB and build simple REST APIs using NodeJS via the Express module.

The use case is simple, we are going to build a MongoDB to store users information that eventually (in a future blog) we are going to use to send SMS and Voice call notifications… But for now we are keeping things simple, we are starting by demystifying the use of MongoDB with NodeJS.

The code that sends the SMS/Voice call notifications in NodeJS via Twilio is out of the scope of this blog, but if you want to use it, you can find it here.

Pre-requisites

 

This blog is about simplicity, so we are going to build a simple HelloWorld sample that starts from scratch and interacts (GET and POST) with a MongoDB via Express APIs.

 

Installing and playing with MongoDB

 

In this section, I am going to show you how to install and get your MongoDB up and running. This is going to be the DB that we are going to use in a future blog to send SMS and voice call notifications to people.

Note: I am using Ubuntu, adjust if using other OS (e.g. yum if using OEL/RH):

sudo apt-get install mongodb

  • Validate the installation by running mongo client – This should connect to the running MongoDB Server

  • In the mongo client prompt, create a simple test database called myTestDB:

    use myTestDB


  • The database doesn’t really exist until we add some data. The best thing of MongoDB is that you store JSON payloads into it. This makes it very friendly when interacting with APIs.

     

    In our case, we want to build a notification service and we want to store the contact details of the recipients. Something like:

     

    {“name”:”Carlos”, “mobile”:”+615550505″, “msg”:”Hello World”}

     

    Note that we are not defining ids, mongoDB will take care of it.

     

  • Still within the mongo client db type the following inserts each followed by ab enter:

     

    db.usercollection.insert({ “name” : “Carlos”, “mobile” : “+615550505”, “msg” : “+Hello World”})

    db.usercollection.insert({ “name” : “Dave”, “mobile” : “+616660606”, “msg” : “+Hello World again”})

    db.usercollection.insert({ “name” : “Serene”, “mobile” : “+617770707”, “msg” : “+Hello World once more”})

     

     

  • Now, simply retrieve the inserted collection

    db.usercollection.find().pretty()


  • You can also add a JSON array of JSON payloads, so that you can insert a bulk of entries to MongoDB. For example:

     

    users = [{“name”:”Callan”, “mobile”:”+618880808″, “msg”:”More stuff”},{“name”:”Alessia”, “mobile”:”+612220202″, “msg”:”Stuff plus stuff”}]

     

    db.usercollection.insert(users);

     

  • Once again, retrieve the inserted collection:

    db.usercollection.find().pretty()


  • You can also use the usercollection object to remove individual entries by _id:

    db.usercollection.remove( {“_id”: ObjectId(“ID_GOES_HERE”)});

  • To completely clean up all your entries, you can simply use:

    db.usercollection.remove()

     

  • If you only want to use mong client to switch to a MongoDB and print a specific collection you can do this:

     

    • From Linux shell:             mongo [db_name]
    • Then, from within the mongo client:

      c = db.[collection_name];

      c.find().pretty()

  • To list all Collections in current db:

    db.getCollectionNames()

  • If you are using a MongoDB that requires authentication, you might need to create a specific user(s) under specific databases. For this follow the next steps:

     

  1. Using mongo client, login to admin db as administrator:

     

    mongo admin –username root –password [GIVEN_PASSWORD]

     

    Note: If using Bitnami, [GIVEN_PASSWORD] is the same as the OS root password.

     

  2. Switch to your MongoDB database:

     

    use [DATABASE]

     

  3. Create a new user(s)

     

    db.createUser(

    {

    user: “USER-GOES-HERE”,

    pwd: “PASSWORD-GOES-HERE”,

    roles: [ “readWrite”, “dbAdmin” ]

    }

    )

     

    Note: Substitute USER-GOES-HERE and PASSWORD-GOES-HERE with your own values.

     

  4. That’s it, you can now use that username and password to authenticate and grant read and write access to your db. If using monk in NodeJS as shown below in this blog, make sure to add the credentials in the connection string. A simple way to achieve this is by adding “USER:PASSWD@” before the server name.

     

    For example:

     

    var db = monk(USER + ‘:’ + PASSWD + ‘@’ + MONGODB_SERVER + ‘:’ + MONGODB_PORT + ‘/’ + DB_NAME);

 

 

For more information: https://docs.mongodb.com/manual/reference/mongo-shell/

 

Ok, our MongoDB is behaving well. Let’s run it together with our Express NodeJS code.

 

Building a simple Express JS API that interacts with a MongoDB

 

Now that we have a running MongoDB server running, let’s build a simple NodeJS code that will expose simple Express REST APIs to interact with your MongoDB.

I am going to explain below those snippets that require explanation, however before continuing make sure that you have downloaded/cloned the NodeJS project found here: https://github.com/barackd222/s2v-iia-nodejs-mongodb-crud-demo

The bits that you need to pay special attention from the NodeJS code:

  • app.js – This is a very standard Express JS code that starts a service listening in a specific port. In terms of MongoDB, notice the following snippets:

     

    • You need to require mongodb module, as well as monk.

  • Monk is going to give you the ability to connect to a MongoDB running somewhere. Think of it as a JDBC connection, in the relational database world, if you like.

  • Configuring the Express app to add the Monk db as part of it, so that it can be accessed within the request variable in each REST API.

 

  • The rest is just adding the right headers for the requests and starting the listening service.

 

  • mongoDBCrudAPIs.js – This file is where I define my REST APIs. At the time of writing this blog I just added 2 APIs, one that GET all Users in the MongoDB and the other that POST a new user.

     

    • GET /users – This is a very
      typical Express GET API. Inside the body though that’s where we:
      • Retrieve the monk DB connection that points to the MongoDB
      • Builds the Collection object as we did in the MongoDB console before
      • Runs a Find ALL function on the collections object that it built in the previous step
      • Sends back the resulting JSON payload as the API response. Notice that you can iterate and do whatever you want with this result

  • POST /user – Once again, this is a very typical POST Express API that retrieves some JSON body elements from the request. In terms of MongoDB, the bits that are worthwhile showing are:
    • Retrieve the monk DB connection that points to the MongoDB

  • Builds the Collection object as we did in the MongoDB console before
  • Uses the collection to insert the new user in a JSON format
  • Then it just handles errors if any. Otherwise return a successful response


  • Package.json – Make sure to add the right modules, so that you can run your NodeJS Application without having to manually install dependencies. In this case I am using:
    • express – To build the REST APIs
    • mongodb – To bring internal MongoDB libraries
    • monk – To help establish the MongoDB db connection
    • body-parser – To parse the incoming JSON requests

 

Let’s test our NodeJS Application

If you have been following this blog, at this point you have a few users in your “myTestDB” MongoDB, that you enter via the mongo client command line earlier.

  • I am using Postman to call the APIs, you can use your preferred test REST client. Let’s first try to retrieve these users.

  • Great job, now invoke your POST API to create a new one. In my case this is the JSON that I am sending:

{“name”:”Jason”,

“mobile”:”+6115791010101″,

“msg”:”Hi. This message comes from POSTMAN “}

 

Note: Make sure to add your header Content-type set to application/json

 

 

  • Now call the GET
    /users API again and make sure your new user is retrieved

Congratulations, you just managed to do very basic, yet powerful tasks using MongoDB as the backstore and NodeJS to expose interactive REST APIs via Express JS

 

If you have any comment, feel free to contact any of the authors of solutionsanz.blog – We are here to help you!

Thanks,