Pset 2: Node.js

The goal of this pset is to learn Node.js and it’s Express web server. You will adapt your pset 1 implementation so the client’s requests get routed to your own server. Your server, will forward the requests to the Harvard Art Museums API, and relay the responses back to the client. While this is strictly more complicated than the way you handled queries in pset 1, it allows you to keep your art museum API key secret and, in a future pset, will allow you to store interesting user history and preferences (such as a users’ favorite objects) in a database. It also allows you to get familiar with Node.js, which is indispensable for larger frameworks such as vue.

For background on Node, see the wiki page.

Ground Rules

  • Your entire application should be contained within a single Node.js project.
  • All client requests to the Harvard Art Museums API should be directed to your own server. Your sever code must generate the actual API request, adding the API key, and relay the response to the client. Your client may still make IIIF requests directly, without going through your server.
  • Your server must authenticate users via either GitHub or Google. See “Useful Node.js Modules” below for some information on how to do this. For the time being you are just learning how to implement authentication, you don’t have to do anything with the login information.
    • When you clients your main page (e.g. index.html), they should be redirected to a login page if they are not logged in.
    • When clients access any of your API proxies, the requests should fail if the user is not logged in.
    • The Passport module will take care of both these requirements for you.
  • You must provide some ability to save some user state on the server between sessions. For example, you could save users’ search history so they can rerun past searches. You’ll need to use a session management module, such as express-session. Here’s a fairly recent blog post about how to use express-session, and you can find plenty more with a quick search.
  • Your code should be well commented so we can understand what it does and why. Please leave in any debugging code you add.
  • You must use ES6/”modern” JavaScript:
    • Use let instead of var to declare variables.
    • Use fetch() for all network requests.
    • As an exception, you are welcome to use require() in your Node.js code instead of or alongside ES6’s import directive.
  • You may use additional Node.js packages, installed via npm as needed, but don’t go overboard. The packages you need for this pset should all be listed in the sections below. You won’t need Webpack or Babel, but you are welcome to tuse them. Do not use jQuery or any other non-Node frameworks.
  • The client side of your application is still going to be really ugly. You’ll make it nice in the next pset.

Installing Node.js

Node.js is already installed in ide50. You get the added advantage that you can fire up your Express application, close the ide50 tab in your browser, and it will keep running (once we sort out the current issues running a server in ide50).

If you don’t want to use ide50, you can install Node.js on linux via your package manager, on Mac via Homebrew or MacPorts, or on any platform by following the instructions at There is no need for the latest, greatest version–8.12.0 or newer is fine–but make sure you install npm as well.

Learning Node.js

Start with the learnyounode tutorial, through the “Make It Modular” lesson. The HTTP sections of the tutorial are superceded by Express. Keep in mind that learnyounode uses old-style Javascript; you should use let instead of var, not to mention arrow functions and all the other nifty ES2015 goodies.

Continue with Robbie Jaeger’s Introduction to Node’s Express JS, and the Express’s own (Getting Started)[] pages. (Getting started is its own menu in the navbar, with several subsections.) If you are using ide50, you may need to change the port in the app.listen() call to 8080 or something similar.

Debugging Node.js

The easiest way to debug your Node.js code is through Chrome. See the Debugging Guide for instructions. If you are developing on ide50, you may need to bind the debugger to instead of the default

Useful Node.js Modules

In addition to Express, you’ll need some additional modules:

  • cross-fetch: Node.js doesn’t currently support fetch(), which has the additional side effect of triggering “compile” errors when you use it in client code that will never execute on the server. The cross-fetch module provides an implementation of fetch for server-side Node.js code, and continues to use the browser’s fetch implementation for client-side code. It also provides a browser polyfill that implements fetch on older browsers that don’t support it natively.

  • passport: This is authentication middleware for Express so you don’t have to worry about the hassles of authentication yourself. You can find tolerable documentation on the (Passport web site)[]. Passport has support for Google, Facebook, and Twitter authentication out of the box, and supports plugins for other providers. For this pset, you should authenticate against either Google or Github (see below).

  • passport-github: This extra module provides the layer for Passport to authenticate against github. If you choose to authenticate against Google you won’t need it. On the other hand, the instructions for getting an API key out of Github are a bit clearer than the instructions for getting one out of Google.