Categories
Hapi

Server-Side Development with Hapi.js — Cookies and Logs

Hapi.js is a small Node framework for developing back end web apps.

In this article, we’ll look at how to create back end apps with Hapi.js.

Getting Cookies

We can get cookies with the reques.state property.

For instance, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });
  server.route({
    path: '/',
    method: 'GET',
    handler(request, h) {
      const value = request.state.data;
      return h.response(value);
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};
process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

We get the data cookie with the request.state.data property.

When we send the Cookie request header with data=foo as the value, then we see foo in the response.

Clearing a Cookie

We can clear a cookie by calling the unstate method.

For example, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });
  server.route({
    path: '/',
    method: 'GET',
    handler(request, h) {
      return h.response('hello').unstate('data');
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};
process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

We call unstate with the 'data' key to clear the cookie with the key data .

Logging

We can use the server.log or request.log method to log data.

For example, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });
  server.route({
    path: '/',
    method: 'GET',
    handler(request, h) {
      request.log('error', 'something wrong');
      return h.response('hello')
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};
process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

to call request.log with the tag to log and the log content respectively.

The first argument can be a string or an array of strings.

The 2nd argument is optional.

If we want to log something outside a request handler, we can use the server.log method.

For example, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });

  server.log(['test', 'error'], 'Test event');

  server.route({
    path: '/',
    method: 'GET',
    handler(request, h) {
      return h.response('hello')
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};
process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

Retrieving and Displaying Logs

To get the log data and display it, we listen to the log event.

For example, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0',
    debug: { request: ['error'] }
  });

  server.route({
    path: '/',
    method: 'GET',
    options: {
      log: {
        collect: true
      }
    },
    handler(request, h) {
      request.log('error', 'Event error');
      return h.response('hello')
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

We add the debug property to the object in Hapi.server to display the logs.

Then we add options.log.collect property in the route handler object and set that to true .

And then we call request.log to log the event in the request handler.

Then we get the event logged.

Conclusion

We can get and clear cookies and log data with Hapi.

Categories
Hapi

Server-Side Development with Hapi.js — Caching and Cookie

Hapi.js is a small Node framework for developing back end web apps.

In this article, we’ll look at how to create back end apps with Hapi.js.

Caching

We can control caching by setting some properties in our routes.

For example, we can write:

const Hapi = require('@hapi/hapi');

const init = async () => {

  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });

  server.route({
    path: '/{ttl?}',
    method: 'GET',
    handler(request, h) {
      const response = h.response({
        hello: 'world'
      });
      if (request.params.ttl) {
        response.ttl(request.params.ttl);
      }
      return response;
    },
    options: {
      cache: {
        expiresIn: 30 * 1000,
        privacy: 'private'
      }
    }
  });

  await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});

init();

We call the route with server.route .

Then we call response.ttl to set the duration of the caching of the response.

We also set the options.cache.expiresIn property to set when the cache expires.

And privacy set whether the cache is private.

Last-Modified Header

We can also set the Last-Modified header added automatically to the response.

For instance, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });
  server.route({
    path: '/{ttl?}',
    method: 'GET',
    handler(request, h) {
      return h.response({ hello: 'world' })
        .header('Last-Modified', lastModified.toUTCString());
    },
    options: {
      cache: {
        expiresIn: 30 * 1000,
        privacy: 'private'
      }
    }
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

We call header with the Last-Modified key and the and the value

Cookies

We can add a cookie by calling the h.state method.

For instance, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });

  server.route({
    path: '/',
    method: 'GET',
    async handler (request, h) {
      h.state('data', { firstVisit: false });
      return h.response('Hello');
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

We call h.state with the key and value.

Also, we can write:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });

  server.route({
    path: '/',
    method: 'GET',
    async handler (request, h) {
      return h.response('Hello').state('data', { firstVisit: false });
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

to do the same thing.

We can override the options by writing:

const Hapi = require('@hapi/hapi');
const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });

  server.route({
    path: '/',
    method: 'GET',
    async handler (request, h) {
      return h.response('Hello').state('data', 'test', { encoding: 'none' });
    },
  });
  await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});
init();

We set the encoding option by calling the state method with a 3rd argument.

Conclusion

We can add caching and set cookies in our web app with Hapi.

Categories
Hapi

Server-Side Development with Hapi.js — Login and Cookie Auth

Hapi.js is a small Node framework for developing back end web apps.

In this article, we’ll look at how to create back end apps with Hapi.js.

Cookie

We can add cookie authentication easily with a few lines of code.

For example, we can write:

const Bcrypt = require('bcrypt');
const Hapi = require('@hapi/hapi');

const users = [{
  username: 'john',
  password: '$2a$10$iqJSHD.BGr0E2IxQwYgJmeP3NvhPrXAeLSaGCj6IR/XU5QtjVu5Tm',
  name: 'John Doe',
  id: '1'
}];

const start = async () => {

  const server = Hapi.server({
    port: 4000,
    host: '0.0.0.0'
  });

  await server.register(require('@hapi/cookie'));

  server.auth.strategy('session', 'cookie', {
    cookie: {
      name: 'sid-example',
      password: '!wsYhFA*C2U6nz=Bu^%A@^F#SF3&kSR6',
      isSecure: false
    },
    redirectTo: '/login',
    validateFunc: async (request, session) => {
      const account = await users.find(
        (user) => (user.id === session.id)
      );

      if (!account) {
        return {
          valid: false
        };
      }

      return {
        valid: true,
        credentials: account
      };
    }
  });

  server.auth.default('session');

  server.route([{
      method: 'GET',
      path: '/',
      handler (request, h) {
        return 'Welcome to the restricted home page!';
      }
    },
    {
      method: 'GET',
      path: '/login',
      handler (request, h) {
        return `<html>
            <head>
                <title>Login page</title>
            </head>
            <body>
                <h3>Please Log In</h3>
                <form method="post" action="/login">
                    Username: <input type="text" name="username"><br>
                    Password: <input type="password" name="password"><br>
                <input type="submit" value="Login"></form>
            </body>
        </html>`;
      },
      options: {
        auth: false
      }
    },
    {
      method: 'POST',
      path: '/login',
      handler: async (request, h) => {

        const {
          username,
          password
        } = request.payload;
        const account = users.find(
          (user) => user.username === username
        );

        if (!account || !(await Bcrypt.compare(password, account.password))) {
          return h.view('/login');
        }

        request.cookieAuth.set({
          id: account.id
        });

        return h.redirect('/');
      },
      options: {
        auth: {
          mode: 'try'
        }
      }
    }
  ]);

  await server.start();
  console.log('server running at: ' + server.info.uri);
};

start();

We have the users array with the user data.

password is the hash of the password. It’s 'secret' in plain text.

The start function has the code for our app.

The Hapi.server function creates the server.

We register the @hapi/cookie module with:

await server.register(require('@hapi/cookie'));

Then we add the user authentication fucntion with:

server.auth.strategy('session', 'cookie', {
  cookie: {
    name: 'sid-example',
    password: '!wsYhFA*C2U6nz=Bu^%A@^F#SF3&kSR6',
    isSecure: false
  },
  redirectTo: '/login',
  validateFunc: async (request, session) => {
    const account = await users.find(
      (user) => (user.id === session.id)
    );

    if (!account) {
      return {
        valid: false
      };
    }

    return {
      valid: true,
      credentials: account
    };
  }
});

We call the server.auth.strategy method to add authentication.

'session' is the name. 'cookie' is the strategy.

The object has the validation logic. cookie sets the cookie secret.

redirect adds the redirect when auth fails.

validateFunc has the logic to validate the credentials.

We check if the user has a valid cookie with:

const account = await users.find(
  (user) => (user.id === session.id)
);

We return an object with the valid property to indicate whether the credentials are valid.

credentials has the credentials for the account.

Then we call server.route to add the routes. The GET / route is the restricted route.

GET /login displays the login form.

We set options.auth to false to let us access the page without authentication.

The POST /login route lets us search for the user with the given username and password.

We validate the password with Bcrypt.compare .

And then we call h.redirect to the route we want to access if the username and password are valid.

Otherwise, we redirect to the login route.

Conclusion

We can create an app with a login page and cookie authentication easily with Hapi.

Categories
Hapi

Getting Started with Server-Side Development with Hapi.js

Hapi.js is a small Node framework for developing back end web apps.

In this article, we’ll look at how to create back end apps with Hapi.js.

Getting Started

We can start by creating a project folder, go into it, and run:

npm install @hapi/hapi

to install the package.

Creating a Server

Once we installed the package, we can create a simple back end app by writing:

const Hapi = require('@hapi/hapi');

const init = async () => {
  const server = Hapi.server({
    port: 3000,
    host: '0.0.0.0'
  });

  server.route({
    method: 'GET',
    path: '/',
    handler: (request, h) => {
      return 'Hello World!';
    }
  });

await server.start();
  console.log('Server running on %s', server.info.uri);
};

process.on('unhandledRejection', (err) => {
  console.log(err);
  process.exit(1);
});

init();

We require the hapi package.

Then we run the Hapi.server method to create the server.

host is set to '0.0.0.0' to listen for request from all IP addresses.

And then to create a route, we call the server.route method.

The method is the request method.

handler is the request handler function.

Then we call server.start to start the server.

Next, we add the unhandledRejection error handler to exit the app gracefully when the app crashes.

Authentication

We can add authentication to our app with a few lines of code.

For instance, we can write:

const Bcrypt = require('bcrypt');
const Hapi = require('@hapi/hapi');

const users = {
  john: {
    username: 'john',
    password: '$2a$10$iqJSHD.BGr0E2IxQwYgJmeP3NvhPrXAeLSaGCj6IR/XU5QtjVu5Tm',
    name: 'John Doe',
    id: '1'
  }
};

const validate = async (request, username, password) => {
  const user = users[username];
  if (!user) {
      return { credentials: null, isValid: false };
  }

const isValid = await Bcrypt.compare(password, user.password);
  const credentials = { id: user.id, name: user.name };
  return { isValid, credentials };
};

const start = async () => {
  const server = Hapi.server({ port: 4000 });
  await server.register(require('@hapi/basic'));
  server.auth.strategy('simple', 'basic', { validate });
  server.route({
    method: 'GET',
    path: '/',
    options: {
        auth: 'simple'
    },
    handler(request, h) {
      return 'welcome';
    }
  });
  await server.start();
  console.log('server running at: ' + server.info.uri);
};

start();

to add simple authentication with the bcrypt and the hapi-basic modules.

The users object has the user data.

The validate function gets the request data from the request parameter.

We get the user by the username .

Then we call Bcrypt.compare to compare the password we entered with the hash we stored in the users object’s password property.

Then we have:

server.auth.strategy('simple', 'basic', { validate });

to add the basic authentication strategy.

And we define our route with the server.route .

The options.auth property is set to the name of the authentication strategy we added.

Now when we go to the / route, we see the login dialog box.

And when we enter john for username and secret for password, we see the welcome response.

Conclusion

We can create a simple app with authentication with Hapi.