Hello,
> I am investigating using ZappaJS for a project. The latest version
> mentioned on the website http://zappajs.org/ is 0.3.1; the email below
> talks about issues with integration of Express3 in version 0.3.9, although
> I found a version 0.4.18 in the zappajs/jappajs fork on GitHub. I hope the
> docs can be updated! :-)
Nobody currently working on the project owns the zappajs.org domain, so
there isn't much we can do until it expires.
[ That's https://github.com/zappajs/zappajs/issues/59 ]
> (1) Is version 0.4.18 now completely compatible with Express3? Are there
> remaining caveats like the ones in the quoted email below?
That email mostly documented problems with migrating code from Express 2
to Express 3; most of these are issues generic to Express 3 (especially
due to the fact that Express 3 moved to async templating). The one issue
specific to Zappa (dynamic views in filesystem) has been resolved for a
while.
> (2) I want to integrate passport.js or similar for authentication, and I
> want to be able to mark routes and sockets as only accessible to
> authenticated users, or to users with given roles (e.g. admins). What's the
> right way to do this with Zappa?
If I take the example on the passport.js Overview page[1] it should
translate into:
@post '/login', passport.authenticate 'local',
successRedirect: '/'
failureRedirect: '/login'
[1] http://passportjs.org/guide/
In that example ZappaJS will wrap the callback, but it can still work as
usual with the (req,res,next) parameters.
The example on the Authorize page[2] would translate into:
# Our authorization middleware.
my_auth = passport.authorize 'twitter-authz',
failureRedirect:'/account'
# Middleware applies only to this route.
@get '/connect/twitter/callback', my_auth, ->
user = @req.user
account = @req.account
# etc.
[2] http://passportjs.org/guide/authorize/
and as usual in Express if you want to apply some middleware to all
requests:
# Middleware applies to all routes.
@use my_auth
> (3) I want to be able to reuse the HTTP auth for websockets, something like
> https://github.com/alphapeter/socket.io-express . Does Zappa need this sort
> of glue?
Inside ZappaJS Socket.IO code you can do
@session (error,session) ->
which will retrieve the associated Express session.
By default this features is enabled in single-server mode out-of-the-box
as long as your page includes the ZappaJS client-side script.
However (and as far as I know this is unique to ZappaJS) it also works
if you split Express code on one pool of servers and Socket.IO code on
another pool of server, which should be more scalable.
Obviously it doesn't rely on cookies but uses a more complex algorithm[3]
which accesses both sides independently and then binds them through the
back-end database.
[3] https://github.com/zappajs/zappajs/blob/master/docs/share.png
There are complete, working examples demonstrating the distributed
feature.[4][5]
[4]
https://github.com/zappajs/zappajs/blob/master/examples/share_express.coffee
[5]
https://github.com/zappajs/zappajs/blob/master/examples/share_express.coffee
> (4) I want to enable CSRF protection for websockets, which is built into
> connect.js, but has to be added after the cookieParser() and session()
> middleware: http://www.senchalabs.org/connect/middleware-csrf.html . Does
> Zappa enable CSRF protection?
To follow the example on that web page you would do:
@use 'cookieParser', session:{secret:'keyboard cat'},
'bodyParser', 'csrf'
> (I assume not, because there is no user
> authentication built in by default, as far as I can tell?)
ZappaJS is just a wrapper around Express and Socket.IO, with (I hope!)
sensible defaults but no hard opinions on how you should do your job. :)
> (5) Is it possible to enable SPDY in Zappa?
I've never looked into it but judging from the doc[6] it shouldn't be too
hard to integrate.
[6] https://github.com/indutny/node-spdy
In the meantime the following might work, based on the example under
"usage with express" on that page:
# Use `zappa.app` instead of `zappa.run`
zapp = zappa.app ->
# Your regular ZappaJS code here
server = spdy.createServer options, zapp.app
server.listen 443
> (More generally, how does SPDY interplay with SSL, WebSockets,
> HTTP-to-WebSocket handoff, user auth etc. in this context? I'm under the
> impression I need to implement everything twice: HTTP[+SSL][+WebSockets]
> plus SPDY routes to handle the two cases separately?)
My reading of SPDY is that it is a framer that replace multiple TCP
connections to a server with a single one and multiplexes requests over
that connection. Not sure what "SPDY routes" would mean in that case
(the only API available is server-side `push`), the same way that you
don't differentiate HTTP vs HTTPS requests today for example
(i.e. Express routing is based on URIs, not on protocols).
S.
--
You received this message because you are subscribed to a topic in the Google Groups "zappajs" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/zappajs/Xilc-PoBVPk/unsubscribe?hl=en.
To unsubscribe from this group and all its topics, send an email to zappajs+u...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
(1) Can you duplicate this error? Am I doing something wrong?
(2) Is launching Zappa from a file like the starter.js that I listed above the right way to do it? (I couldn't figure out any other way.)(3) (unrelated to the above:) when running in Cloud9, the default port 3000 is blocked, apps need to run on the proxied port 8080. But I can't figure out how to pass the port number into zappa.js. What is the right way to pass in parameters?
Hi Luke,
> (1) Can you duplicate this error? Am I doing something wrong?
You're not, it should work and it doesn't. Apparently some subtlety in
loading Sammy which wasn't there in previous versions.
In my limited tests I was able to get it to work by changing this line:
scripts: '/zappa/Zappa-simple.js /zappa/sammy.js /index.js /client.js'
This loads Sammy independently and makes it happy.
I opened issue #74 on this.
[#74] https://github.com/zappajs/zappajs/issues/74
> (2) Is launching Zappa from a file like the starter.js that I listed above
> the right way to do it? (I couldn't figure out any other way.)
You can start it with the `coffee` interpreter:
coffee app.coffee
> (3) (unrelated to the above:) when running in Cloud9, the default port 3000
> is blocked, apps need to run on the proxied port 8080. But I can't figure
> out how to pass the port number into zappa.js. What is the right way to
> pass in parameters?
Assuming
zappa = require 'zappajs'
`zappa` is actually a shortcut for `zappa.run`, so you can pass the port
this way:
zappa 8080, ->
# Zappa code
There are more options, see
http://zappajs.github.com/zappajs/docs/reference#zapparun
for the complete list.