Unless your application is running over HTTPS, communication between your app and the user isn’t encrypted. To encrypt the data, we need an SSL certificate to run over HTTPS.
- [Instructor] Welcome to section…six of this course, security.…Let's dive straight into this section.…This is perhaps the most important…section of them all, as it's focused on security.…We're going to start by adding SSL to our application.…The first step towards making any application secure…is to make sure that no one…can listen in on your communications.…This means running your app over HTTPS,…which happens to be our first video.…To do this, we're going to be generating SSL certificates,…making Express listen on SSL using our certificate,…and terminating SSL using nginx,…so that our app only has to talk HTTP.…
To secure your application,…you first need an SSL certificate.…I've generated a self-signed certificate for this demo,…but you'll want to purchase a certificate…from a reputable certificate authority.…If you do want to generate your own certificate…for development purposes, you can use the following script.…What this does is generate a private key.…Then, it generates a certificate request.…And then, it uses the private key to sign that certificate,…
To start, author Michael Heap creates a new Express application, showing how to configure it and increase application visibility with logs. Explore Express along with various libraries that will help improve your development experience. Then take a look at technologies such as SSL and nginx, and work through deploying your application to production in a secure and scalable way. Michael also introduces some existing open-source Express projects and reviews how they are structured, to help you organize your own applications in a systematic way. By the end of the course, you'll be familiar with a wide range of new Express tools and libraries, all of which will help you deliver the best value to your customers.
- Consuming an API
- Showing results on a webpage
- Caching requests in memory
- Refactoring for testing
- Mocking to remove dependencies
- Spying with Sinon.JS
- Sending and receiving data in real time
- Mounting subapplications
- Serving content conditionally for AJAX
- Securing your app
- Improving performance
- Examining large-scale Express apps: Ghost.org and Balloons.IO