Backend as a Service(BaaS) is an emerging cloud computing service model and here we try to explain what BaaS is and why Node.js is ideal for BaaS implementations
Backend as a Service(BaaS)
Backend as a service (BaaS) is a cloud computing service model that serves as the middleware which provides developers with ways to connect their web and mobile applications to cloud services via application programming interfaces (APIs) and software developers’ kits (SDKs). BaaS is relatively new and there are very few available providers when compared to other cloud computing service models.
Features offered by BaaS comprise cloud storage, server code, file management, push notifications, location services, social networking integration, and user management as well as many backend services. These services have their own APIs. The APIs allow the services to be integrated into any application easily. Although some of BaaS’s features are like those of other service models like SaaS, IaaS and PaaS, BaaS specifically addresses the needs of web and mobile applications.
BaaS provides formidable means to consistently access backend data which results in developers not having to develop multiple backends for each service that the applications access.
Although BaaS boasts a lot of benefits, it is also important to take note of the user-interface (UI) creation as it communicates directly with end users. The UI connects the application to third party or proprietary APIs connected to the backend.
The key downside to BaaS services is vendor lock-in. But considering the advantages, this might be of less significance depending on the type of business. Vendors design RESTful APIs for clients to consume their services.
Application Programming Interface (API)
APIs (application programming interfaces) enable software applications to communicate with other. This can either be between internal components of an application or to connect to an external service.
A great way of maintaining scalability and productivity in development is to use API-based components and services. Modules and components developed to facilitate APIs can be used to develop multiple applications, which enhances scalability and facilitates easier maintenance.
Many online services have front-facing APIs that can be used to easily integrate social media logins, credit card payments, behavior tracking, and many other functionalities. The implementation of these services via APIs can be done using a common standardized protocol for communication which is supported by them all. We will use REST here.
REST stands for REpresentational State Transfer and is used to access and manipulate data using several stateless operations. These operations are integral to the HTTP protocol and represent an essential CRUD functionality (Create, Read, Update, Delete).
The HTTP operations available are:
- POST (create a resource or generally provide data)
- GET (retrieve an index of resources or an individual resource)
- PUT (create or replace a resource)
- PATCH (update/modify a resource)
- DELETE (remove a resource)
Using the operations listed above and a resource name as an address, a REST API can be built by creating an endpoint for each operation. We will have a solid foundation for our services by implementing this pattern which can be evolved, scaled and maintained with ease. The same foundation will be used to integrate third-party features, most of which use REST APIs, making such integration faster.
Although many platforms and programming languages can be used to build REST APIs, we will be focusing on Node.js in this article.
As an infrastructure, Node.js is designed for building scalable network applications. It is relatively simple to set up Node.js on a local machine, and you can have your server running with a few lines of code. Even some cloud services such as AWS (Amazon Web Services) run Node.js, enabling you to run a serverless application.
Now, let’s have a look at the basics required to create a secure REST API using Node.js. We are going to give a brief on how to create a common but practical REST API for a resource called users.
Our resource will have the following basic structure:
- id (an auto-generated UUID)
- permissionLevel (used to control user’s permissions)
Then we will create the following operations for that resource:
- [POST] endpoint/users
- [GET] endpoint/users (list users)
- [GET] endpoint/users/:userId (get specific user)
- [PATCH] endpoint/users/:userId (update the data for the specified user)
- [DELETE] endpoint/users/:userId (remove the specified user)
JWT (JSON Web Token) will also be used for access tokens, and we will create another resource called ‘auth’ that will expect user email and password and in return will generate the token used for authentication on certain operations.