NodeJS and CQRS Based REST APIs Using ExpressJS SubApps

Before going on this post, i highly recommend to read first my last post about CQRS , this will give you how i am thinking about CQRS and the added value to build CQRS based REST APIs.

Implementation Steps

  1. Create Authorization Module
  2. Building two SubApps (1st for Commands and other for Queries)
  3. Handle the logging and Authorization
  4. Create App (Entry point) to consume the SubApps

If you are new in NodeJS sub apps – its is an ExpressJS way to extract part of your API functionality in separate JS Node and consume (use) it when ever you need.

lets start with the code …

1. Create Authorization Module

//  ./authorization-handler.js
function functionAuth(req,res,next)
{
     var auth = true; // Write Down Your Auth Logic Here
     if(!auth)
     {
          console.log('Non Authorized To Function.');
          res.status(403).send('Not Authorized');
     }
     else
          console.log('Authorized.');
}

function modelAuth(req,res)
{
     var auth = true; // Write Down Your Auth Logic Here
     if(!auth)
     {
          console.log('Non Authorized To Model.');
          throw ('Invalid Token');
     }
     else
          console.log('Authorized.');
     }

exports.modelAuth = modelAuth;
exports.functionAuth = functionAuth;

2. Building Sub App for Commands

//  ./commands.js (POST, PUT, DELETE)
const express= require('express');
const authhandler = require('./authorization-handler');
var app = new express();

app.on('mount', function (parent) {
  console.log('Commands API Mounted');
});

app.all('*',function(req,res,next){
  try{
    authhandler.modelAuth();
    next();
  }
  catch(ex)
  {
    res.status(403).send(ex)
  }
})
app.post('/get',authhandler.functionAuth,function(req,res,next)
{
  res.send('get command executed');
})

module.exports = app;

3. Building Sub App for Queries

//  ./queries.js
//Do the same as the commands for GET functions

4. Building the Entry Point

//  ./app.js
const express = require('express');
const authhandler = require('./authorization-handler');
const commands = require('./commands');
const queries = require('./queries');
var app = new express();

app.use('/commands',commands);
app.use('/queries',queries);

app.listen(7777,function(req,res){
  console.log('7777 Server Is Working ...');
});

And we have done 🙂

Advertisements

Two Levels Authorization Using NodeJS

Lets first figure out why we might need the two level authorizations specially while building production REST APIs.

1- Implementing CQRS (you can red more about CQRS in last two posts 1 & 2 )
2- Having non-user (Session) token authorization and a user token authorization
3-  You could also use it for logging or any kind of aspect oriented pre-processing functionality.

 

Building the Authorization Module

//Level 1
function level1_auth(req,res)
{
  var auth = true;
  if(!auth)
  {
    console.log('Non Authorized Level1.');
    throw ('Invalid Token');
  }
  else
    console.log('Authorized Level1.');
}

//Level 1
function level2_auth(req,res,next)
{
  var auth = false;
  if(!auth)
  {
    console.log('Non Authorized Level2.');
    res.status(403).send('Not Authorized');
  }
  else
    console.log('Authorized Level2.');
}

exports.level1_auth = level1_auth;
exports.level2_auth = level2_auth;

API

const express= require('express');
const authhandler = require('./authorization-handler');
var app = new express();

//Level 1
app.all('*',function(req,res,next){
  try{
    authhandler.level1_auth();
    next();
  }
  catch(ex)
  {
    res.status(403).send(ex)
  }
})

//Level 2
app.get('/get',authhandler.level2_auth,function(req,res,next)
{
  res.send('get command executed');
})

Thanks,