Introduction to Extracting Configurations

Learn about the content outline and the topics covered in this chapter.

We'll cover the following

Background

Previously, we pretty much wrapped up our application’s features. We added authorization and persistence, ending up with an application connected to a MongoDB instance. In this chapter, we’ll focus on some known best practices that are standard in production applications: basic security practices and dealing with configuration.

First, we’ll add a couple of basic security features to our application programming interface (API), starting with cross-origin resource sharing (CORS) protection, to enable the filtering of requests based on their origin. Then, we’ll learn how to enable HyperText Transfer Protocol Secure (HTTPS) in our application so that it supports encrypted connections. This will allow users to perform requests to the API using a secure connection.

Until now, we’ve used a few secret values, but we weren’t concerned about having them in the code. In this chapter, we’ll extract the configuration and secrets so that they don’t have to live in the code base. We’ll then learn how we can have them safely stored and injected in the application. This way, we can be sure that those values are kept a secret and are not present in the code. By doing this, we’ll also enable different deployments with different configurations.

Moving forward, we’ll explore the capabilities enabled by one specific Deno feature: the ability to compile and run code in the browser. By using Deno’s compatibility with ECMAScript 6 (supported by modern browsers), we’ll share code between the API and the frontend, enabling a whole new world of possibilities.

Leveraging this specific feature, we’ll explore one specific scenario: building a JavaScript client for the API. This client will be built using the same types and parts of code that also run on the server, and we’ll explore the benefits provided by that.

Chapter outline

This chapter wraps up section about building an application of this course, where we built an application step by step, adding some common application features with an incremental approach. While learning, we also made sure this application was as close to real as possible for an introductory course. This enabled us to learn about Deno, many of its APIs, and some community packages while we created a functional application.

By the end of this chapter, you’ll be familiar with the following topics:

  • Enabling CORS and HTTPS
  • Extracting configuration and secrets
  • Running Deno code in the browser

Get hands-on with 1400+ tech skills courses.