What is Passport?
Who uses Passport?
Here are some stack decisions, common use cases and reviews by companies and developers who chose Passport in their tech stack.
For our web application's backend, we have decided to create our server using Node.js and npm as our package manager, as this allows us to utilize a developer's skills and knowledge in JS for both the frontend and backend. ExpressJS provides us an easy to learn framework that saves us effort, time and improves productivity in creating our server, while affording us room to add complexity. Passport will be used to implement Oauth2.0 authentication for our web application, allowing our users to sign in with their existing accounts (no one wants to create a remember the password for yet another account). Mongoose will be used to make calls to our backend, this framework will help make these calls more accessible and organized. We have decided to use Redis on our server for any caching we need. This will greatly speed up retrieval times and reduce calls to external sources for any data that could instead be cached on our server. Lastly, we will use Jest as our unit testing framework for our backend as it is very popular and has support for Node.js . Furthermore, this is the same testing framework we will be using for our frontend, thus allowing use quickly learn and implement testing in both frontend and backend.
We have decided to use Heroku as our hosting platform for our server. Heroku provides clear documentation and a quick and simple process to host Node.js applications with their service, along with great support with our version control Git. Furthermore, Heroku also provides a free tier, which allows us to deploy and test our web application from the beginning of development.
MongoDB is our chosen database as a NoSQL database will give us flexibility in storing different types of data and room for scaling our product. We have decided to use MongoDB Atlas to host our database. As they provide a quick and simple start up along with a free tier to host database. Thus, allowing us to rapidly test our server's uses with the database.
My teammates and I are arguing on which library to use for our local and social authentication in our express app between OAuth2 and Passport. I went for Passport cause I personally like it, and it seems easier to implement with good docs, but some of my teammates think it's less secure than OAuth2. So any advice please would be appreciated. Thanks 🙏🏻
Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku . However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.
Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.
Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.
Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.
- Single sign-on with OpenID and OAuth
- Easily handle success and failure