Section 1.11: How to get a basic HTTPS web server up and running!

4. create a new certificate authority using this configuration :

openssl req -new -x509 -days 9999 -config ca.cnf -keyout ca-key.pem -out ca-cert.pem



5. now that we have our certificate authority in ca-key.pem and ca-cert.pem, let's generate a private key for

the server :

openssl genrsa -out key.pem 4096



6. grab this server.cnf file to use as a configuration shortcut :

wget https://raw.githubusercontent.com/anders94/https-authorized-clients/master/keys/server.cnf



7. generate the certificate signing request using this configuration :

openssl req -new -config server.cnf -key key.pem -out csr.pem



8. sign the request :

openssl x509 -req -extfile server.cnf -days 999 -passin "pass:password" -in csr.pem -CA cacert.pem -CAkey ca-key.pem -CAcreateserial -out cert.pem



Step 2 : Install your certificate as a root certificate

1. copy your certificate to your root certificates' folder :

sudo cp ca-crt.pem /usr/local/share/ca-certificates/ca-crt.pem



2. update CA store :

sudo update-ca-certificates



Step 3 : Starting your node server

GoalKicker.com – Node.js Notes for Professionals



17



First, you want to create a server.js file that contains your actual server code.

The minimal setup for an HTTPS server in Node.js would be something like this :

var https = require('https');

var fs = require('fs');

var httpsOptions = {

key: fs.readFileSync('path/to/server-key.pem'),

cert: fs.readFileSync('path/to/server-crt.pem')

};

var app = function (req, res) {

res.writeHead(200);

res.end("hello world\n");

}

https.createServer(httpsOptions, app).listen(4433);



If you also want to support http requests, you need to make just this small modification :

var http = require('http');

var https = require('https');

var fs = require('fs');

var httpsOptions = {

key: fs.readFileSync('path/to/server-key.pem'),

cert: fs.readFileSync('path/to/server-crt.pem')

};

var app = function (req, res) {

res.writeHead(200);

res.end("hello world\n");

}

http.createServer(app).listen(8888);

https.createServer(httpsOptions, app).listen(4433);



1. go to the directory where your server.js is located :

cd /path/to



2. run server.js :

node server.js



GoalKicker.com – Node.js Notes for Professionals



18



Chapter 2: npm

Parameter

Example

npm publish --access=public

access

bin



npm bin -g



edit



npm edit connect



help



npm help init



init



npm init



install



npm install



link



npm link



prune



npm prune



publish



npm publish ./



restart



npm restart



start



npm start



stop



npm start



update



npm update



version



npm version



Node Package Manager (npm) provides following two main functionalities: Online repositories for node.js

packages/modules which are searchable on search.nodejs.org. Command line utility to install Node.js packages, do

version management and dependency management of Node.js packages.



Section 2.1: Installing packages

Introduction

Package is a term used by npm to denote tools that developers can use for their projects. This includes everything

from libraries and frameworks such as jQuery and AngularJS to task runners such as Gulp.js. The packages will

come in a folder typically called node_modules, which will also contain a package.json file. This file contains

information regarding all the packages including any dependencies, which are additional modules needed to use a

particular package.

Npm uses the command line to both install and manage packages, so users attempting to use npm should be

familiar with basic commands on their operating system i.e.: traversing directories as well as being able to see the

contents of directories.



Installing NPM

Note that in order to install packages, you must have NPM installed.

The recommended way to install NPM is to use one of the installers from the Node.js download page. You can

check to see if you already have node.js installed by running either the npm -v or the npm version command.

After installing NPM via the Node.js installer, be sure to check for updates. This is because NPM gets updated more

frequently than the Node.js installer. To check for updates run the following command:

npm install npm@latest -g



How to install packages

GoalKicker.com – Node.js Notes for Professionals



19



To install one or more packages use the following:

npm install

# or

npm i ...

# e.g. to install lodash and express

npm install lodash express



Note: This will install the package in the directory that the command line is currently in, thus it is

important to check whether the appropriate directory has been chosen

If you already have a package.json file in your current working directory and dependencies are defined in it, then

npm install will automatically resolve and install all dependencies listed in the file. You can also use the shorthand



version of the npm install command which is: npm i

If you want to install a specific version of a package use:

npm install @

# e.g. to install version 4.11.1 of the package lodash

npm install lodash@4.11.1



If you want to install a version which matches a specific version range use:

npm install @

# e.g. to install a version which matches "version >= 4.10.1" and "version < 4.11.1"

# of the package lodash

npm install lodash@">=4.10.1 <4.11.1"



If you want to install the latest version use:

npm install @latest



The above commands will search for packages in the central npm repository at npmjs.com. If you are not looking to

install from the npm registry, other options are supported, such as:

# packages distributed as a tarball

npm install

npm install

# packages available locally

npm install

# packages available as a git repository

npm install

# packages available on GitHub

npm install /

# packages available as gist (need a package.json)

npm install gist:

# packages from a specific repository

npm install --registry=http://myreg.mycompany.com



GoalKicker.com – Node.js Notes for Professionals



20



# packages from a related group of packages

# See npm scope

npm install @/(@)

# Scoping is useful for separating private packages hosted on private registry from

# public ones by setting registry for specific scope

npm config set @mycompany:registry http://myreg.mycompany.com

npm install @mycompany/



Usually, modules will be installed locally in a folder named node_modules, which can be found in your current

working directory. This is the directory require() will use to load modules in order to make them available to you.

If you already created a package.json file, you can use the --save (shorthand -S) option or one of its variants to

automatically add the installed package to your package.json as a dependency. If someone else installs your

package, npm will automatically read dependencies from the package.json file and install the listed versions. Note

that you can still add and manage your dependencies by editing the file later, so it's usually a good idea to keep

track of dependencies, for example using:

npm install --save # Install dependencies

# or

npm install -S # shortcut version --save

# or

npm i -S



In order to install packages and save them only if they are needed for development, not for running them, not if

they are needed for the application to run, follow the following command:

npm install --save-dev # Install dependencies for development purposes

# or

npm install -D # shortcut version --save-dev

# or

npm i -D



Installing dependencies

Some modules do not only provide a library for you to use, but they also provide one or more binaries which are

intended to be used via the command line. Although you can still install those packages locally, it is often preferred

to install them globally so the command-line tools can be enabled. In that case, npm will automatically link the

binaries to appropriate paths (e.g. /usr/local/bin/) so they can be used from the command line. To install

a package globally, use:

npm install --global

# or

npm install -g

# or

npm i -g

# e.g. to install the grunt command line tool

npm install -g grunt-cli



If you want to see a list of all the installed packages and their associated versions in the current workspace, use:

npm list

npm list



Adding an optional name argument can check the version of a specific package.

GoalKicker.com – Node.js Notes for Professionals



21



Note: If you run into permission issues while trying to install an npm module globally, resist the temptation to issue

a sudo npm install -g ... to overcome the issue. Granting third-party scripts to run on your system with

elevated privileges is dangerous. The permission issue might mean that you have an issue with the way npm itself

was installed. If you're interested in installing Node in sandboxed user environments, you might want to try using

nvm.

If you have build tools, or other development-only dependencies (e.g. Grunt), you might not want to have them

bundled with the application you deploy. If that's the case, you'll want to have it as a development dependency,

which is listed in the package.json under devDependencies. To install a package as a development-only

dependency, use --save-dev (or -D).

npm install --save-dev // Install development dependencies which is not included in

production

# or

npm install -D



You will see that the package is then added to the devDependencies of your package.json.

To install dependencies of a downloaded/cloned node.js project, you can simply use

npm install

# or

npm i



npm will automatically read the dependencies from package.json and install them.

NPM Behind A Proxy Server

If your internet access is through a proxy server, you might need to modify npm install commands that access

remote repositories. npm uses a configuration file which can be updated via command line:

npm config set



You can locate your proxy settings from your browser's settings panel. Once you have obtained the proxy settings

(server URL, port, username and password); you need to configure your npm configurations as follows.

$ npm config set proxy http://:@:

$ npm config set https-proxy http://:@:

username, password, port fields are optional. Once you have set these, your npm install, npm i -g etc. would work



properly.



Section 2.2: Uninstalling packages

To uninstall one or more locally installed packages, use:

npm uninstall



The uninstall command for npm has five aliases that can also be used:

npm remove

npm rm

npm r

npm unlink



GoalKicker.com – Node.js Notes for Professionals



22



npm un



If you would like to remove the package from the package.json file as part of the uninstallation, use the --save flag

(shorthand: -S):

npm uninstall --save

npm uninstall -S



For a development dependency, use the --save-dev flag (shorthand: -D):

npm uninstall --save-dev

npm uninstall -D



For an optional dependency, use the --save-optional flag (shorthand: -O):

npm uninstall --save-optional

npm uninstall -O



For packages that are installed globally use the --global flag (shorthand: -g):

npm uninstall -g



Section 2.3: Setting up a package configuration

Node.js package configurations are contained in a file called package.json that you can find at the root of each

project. You can setup a brand new configuration file by calling:

npm init



That will try to read the current working directory for Git repository information (if it exists) and environment

variables to try and autocomplete some of the placeholder values for you. Otherwise, it will provide an input dialog

for the basic options.

If you'd like to create a package.json with default values use:

npm init --yes

# or

npm init -y



If you're creating a package.json for a project that you are not going to be publishing as an npm package (i.e. solely

for the purpose of rounding up your dependencies), you can convey this intent in your package.json file:

1. Optionally set the private property to true to prevent accidental publishing.

2. Optionally set the license property to "UNLICENSED" to deny others the right to use your package.

To install a package and automatically save it to your package.json, use:

npm install --save



The package and associated metadata (such as the package version) will appear in your dependencies. If you save if

as a development dependency (using --save-dev), the package will instead appear in your devDependencies.

With this bare-bones package.json, you will encounter warning messages when installing or upgrading packages,

telling you that you are missing a description and the repository field. While it is safe to ignore these messages, you

GoalKicker.com – Node.js Notes for Professionals



23



can get rid of them by opening the package.json in any text editor and adding the following lines to the JSON object:

[...]

"description": "No description",

"repository": {

"private": true

},

[...]



Section 2.4: Running scripts

You may define scripts in your package.json, for example:

{

"name": "your-package",

"version": "1.0.0",

"description": "",

"main": "index.js",

"author": "",

"license": "ISC",

"dependencies": {},

"devDependencies": {},

"scripts": {

"echo": "echo hello!"

}

}



To run the echo script, run npm run echo from the command line. Arbitrary scripts, such as echo above, have to be

be run with npm run