JavaScript Deep Dive: Building Scalable and Secure Microservices with Node.js

JavaScript Deep Dive: Building Scalable and Secure Microservices with Node.js

Many of the posts here on the Twilio blog provide just-in-time learning to help you accomplish a specific software development task, like integrating Twilio Verify into ASP.NET Core Identity. These posts give you the information to get a task done quickly.

We also publish other posts that, taken collectively, help you make architectural decisions and build whole systems of software, not just individual modules. These related posts can rightfully be considered “long reads”. You’ll want to set aside time to get the most out of reading the posts and building their case study projects.

We’re introducing Deep Dive posts to make it easier for you to access these professional development resources. Sometimes a Deep Dive will be a series of posts by a single author. On other occasions we’ll curate a list of posts from a variety of internal and external sources. On every occasion they’ll provide an extensive education on a specific subject.

Our inaugural topic comes from a recent series of tutorial posts by Akamai Senior Software Engineer Maciej Treder, who wrote about building production-ready microservices with JavaScript and Node.js. In four posts he covered everything from the basics of building microservices on Node.js to securing them with two-factor authentication to sharing data between services with a cloud-based persistence layer.

Here’s an introduction to each post, from first to last:

Building JavaScript Microservices with Node.js – If you’re new to building web-based applications in a service architecture, or new to it on Node.js, this post will introduce you to the conceptual foundation of microservices and get you building your first app. You’ll see how to conveniently run multiple services simultaneously so you can test without leaving the comfort of your own machine.

Implementing Eureka and Zuul for Service Discovery and Dynamic Routing in JavaScript Microservices Running on Node.js – Once you can build microservices you need to learn how to implement one of their major advantages: dynamic scaling. This post shows you how to integrate Eureka and Zuul, open source Java applications from Netflix, which provide service discovery and routing so you can dynamically add and remove instances of a service to respond to changes in demand. The code includes deployable Java archives you can use for plug-and-play implementation of these components.

Scaling Node.js JavaScript Microservices on Shared MongoDB Atlas Cloud Persistence Layers – When you’re running multiple instances of a service it’s likely they’ll need to communicate with each other to stay in sync. A cloud-based persistence layer is a natural component of a cloud-based application. This post shows you how to implement the MongoDB Atlas cloud service to provide data persistence across all your services.

Protecting JavaScript Microservices on Node.js with JSON Web Tokens and Twilio Authy – Robust user authentication and fine-grained user authorization are essential features of cloud-based services. The final post in the series shows you how to secure your application with Twilio Authy and make security scalable with JSON Web Tokens (JWTs). With this technique you can provide precise authorization for each API endpoint without having to keep hitting your authorization service: the JWT does the work. Authy ensures only strongly authenticated users can use the encrypted tokens.

We think this series is particularly important because it introduces security into the design of interservice communication and includes a two-factor authentication system that doesn’t rely on SMS: Authy provides 2FA with push authentications and soft tokens. Putting your application’s services on the web exposes them to threats. Scalability and strong security can help you mitigate them.

Maciej Treder has written a number of posts for the Twilio blog on JavaScript and Angular development and security. He’s the author of @ng-toolkit, an open source toolkit for building Angular progressive web apps (PWAs), serverless apps, and Angular Universal apps. He’s also  a frequent conference speaker on PWAs and AU. He’ll be appearing at Connect.Tech in Atlanta, Georgia, October 16th – 18th, 2019. You can reach him at @MaciejTreder on Twitter or at contact@maciejtreder.com.

A. J. Saulsberry is a Technical Editor at Twilio, a company that just can’t handle middle initials. He covers .NET, JavaScript, and Angular for the Developer Voices program, a resource for helping developers teach developers. If you’d like to write a post for Developer Voices and have it appear here on the Twilio blog, get in touch with AJ at asaulsberry@twilio.com.