1

For the past 6 months, I've been working on my own nodeJS app, where I've built everything myself from the ground up. There are only a couple things that my server does, since most of the work in my app is done on the front-end.

One thing I'm currently looking at implementing is a user log-in + facebook authentication system for the app. It seems like every-auth is a much more robust framework for this than anything else out there. However, you need to have Express or Connect to use that.

As such, I'm considering reworking my code to use ConnectJS for (mainly) this purpose. That said, I really like having a really simple server that does only what it needs to do and nothing beyond that. Are there any other modules for authentication that are as robust as every-auth that don't need Connect that anybody would recommend?

And for those of you that do use Connect - how handy are the other features that it offers? Is it worth gzipping data that would be returned by the server? Is the static file server faster or any different than regular nodejs code that does the same thing?

I'm really on the fence right now and would appreciate any thoughts from people who've had experience programming nodejs apps both with and without Connect.

Best,
Sami

AMMENDMENT - if each request that my server receives will at some point involve connecting to MongoDB using node-mongodb-native driver, does this change anything at all? I'm a little confused as to whether or not I can essentially have the code I've already written as a module of sorts that acts as one of the middleware items that I can add to connect. If this sentence showcases that I have a complete misunderstanding of what connect does, I'd appreciate any clarification.

thisissami
  • 15,445
  • 16
  • 47
  • 74

2 Answers2

3

Connect is a middleware framework. This means it's all about separation and implementation of third party (read: yours and everyone else's) middleware. Connect has no overhead compared to a straight node server.

Connect and Express are both very useful. I've also been working with Everyauth and I can say it's a lot easier than setting up all of your OAuth implementations separately(which I've done).

Here are some links:

http://howtonode.org/connect-it

http://tjholowaychuk.com/post/664516126/connect-middleware-for-nodejs

The Express guide: http://expressjs.com/guide.html

and a similar, but not duplicate, stack question: What is Node.js' Connect, Express and "middleware"?

Community
  • 1
  • 1
Chris Biscardi
  • 3,148
  • 2
  • 20
  • 19
  • Thanks for this response Chris. In that case, just so I make sure I understand how it works, I can essentially replace the http module with the connect module and my code should work identically? And then it's just a matter of adding more modules before it gets to my code to add more functionality? If that's the case, then I feel silly for not using it already. – thisissami Nov 14 '11 at 18:38
  • Well, you're not replacing the http module, connect extends the http server, but yes, you will be replacing your http code with connect code and it just adds some additional functionality. – Chris Biscardi Nov 14 '11 at 21:25
  • 2
    @thisissami Yes, that is right. Instead of calling http.createServer(...), you call connect.createServer(). The object returned from connect.createServer() works identically to that returned from the http module, but also has an additional use() function which applies middleware to each incoming request. – Jared Hanson Nov 14 '11 at 21:32
  • 2
    haha the transition was pathetically simple. just had to change my 3 different instances of "http" to "connect" and add a "next" in the callback to the server. – thisissami Nov 15 '11 at 04:06
1

Without knowing the implementation details of your app, and what its functionality is, it is hard to give an accurate assessment about the benefits Connect would bring to your app, as well as how difficult it would be to make the transition.

That being said, I highly recommend using the Connect/Express combo when developing apps. There is a healthy middleware ecosystem developing around Connect, which makes it very easy to drop needed modules into an application, such as logging, compression, and authentication. As you application matures and more features are implemented, having a flexible architecture in place will allow it to evolve more smoothly.

Since your evaluating authentication frameworks, I'll also mention that I'm the developer of Passport, which is an alternative to everyauth that aims to be more modular and unobtrusive. Passport is built on top of Connect as well. However, it is written to be extensible as to the context it operates in (Connect by default), so it should be possible to adapt to other, even home-grown, frameworks.

Jared Hanson
  • 15,940
  • 5
  • 48
  • 45