Introduction to Extracting Configurations

Background

Previously, we pretty much wrapped up our application’s features. We added authorization and persistence, ending up with an application connected to a MongoDB instance. In this chapter, we’ll focus on some known best practices that are standard in production applications: basic security practices and dealing with configuration.

First, we’ll add a couple of basic security features to our application programming interface (API), starting with cross-origin resource ...