DoSSiER

DoSSiER

-NodeJS based server-

Security

Development plans

• have a full implementation of the authentication process

• extend web page functionality

• add automatic uploading of SC and other tests to exercise the system in production

8

13

What is ?

Demo

Console Access

• a structural framework for dynamic web applications

• uses HTML as a template language

• extends HTML's syntax to express the application's components clearly and succinctly.

• Angular's data binding and dependency injection eliminate much of the code one would otherwise have to write.

• the upload feature ensures that one can send data has a json to be saved in the database

Authentication

Developed

Architecture

curl -H -k "Content-Type: application/json" --data-binary "@yourpath" https://dossier.cern.ch/upload

7

*curl is a tool for transferring data from or to a server, using one of the supported protocols. In this example, it sends your local json file to be processed and inserted into the database

What is ?

Content

Passport :

• is a simple, unobtrusive authentication middleware for Node.js.

• used to authenticate requests through an extensible set of plugins known as strategies.

• strategies can range from verifying username and password credentials, delegated authentication using OAuth

• the API is simple: you provide Passport a request to authenticate, and Passport provides hooks for controlling what occurs when authentication succeeds or fails.

*work in progress alongside CERN IT

Thank you!

9

For the front-end web application

For managing the server side

• open source

• highly scalable servers without using threading, by using a simplified model of event-driven programming that uses callbacks to signal the completion of a task.

• was created because concurrency is difficult in many server-side programming languages, and often leads to poor performance.

• connects the ease of a scripting language (JavaScript) with the power of Unix network programming

12

*this approach significantly reduced the amount of code while bringing new functionality and improved visualization

Console Access

Conclusion

6

4

- Introduction

- DoSSiER Node.js-based server design

- Node.js and AngularJS technology

- Current functionality (Web server, command line)

- Security

- Performance

- Authentication

- Demo/conclusion

3

Who else is using NodeJS for production?

• offers the option to retrieve results at a later point

Performance

Introduction

curl -k https://dossier.cern.ch/api/print/yourId

- by using Node.js we obtained:

• an easy to support and further develop platform
• a system that tackles concurrency and threading difficulties through a simplified model event-driven approach
• a lightweight API, easily customizable

- by using AngularJS we obtained:

• enhanced functionality with overlying histograms
• dynamic webpages
• an improved user experience

- started while working on command-line upload tool

- using Node.js on the server, the constant need to translate from JavaScript to server-side framework and the HTTP data from JSON to server-side objects is removed

- we gained practicality by re-using models, and templates, reduced the size of the application which reduces complexity and chance for bugs.

- improved speed mainly due to the fact that V8 compiles JavaScript into native machine code.

- it provides: RESTful API, programmatic access and

a Web Application

* using this command, one can retrieve all related results with the desired id via the terminal and from any C++ program, script

• "loadtest" module was used to force requests per seconds
• This command sends exactly 100 requests per second from 50 different clients, so you can see how your server copes with sustained rps.

2

1

14

10

11

5

Witold Pokorski

Dmitri Konstantinov

Ioana Ifrim