Mastering Server-Side Development Using Hapi.js Framework
Written on
Chapter 1: Introduction to Hapi.js
In this article, we'll delve into creating backend applications using the Hapi.js framework, a lightweight Node.js option for web development.
Parsing the Content-Type Header
To interpret the Content-Type request header, we utilize the @hapi/content module. Here’s an example of how to achieve this:
const Hapi = require('@hapi/hapi');
const Content = require('@hapi/content');
const init = async () => {
const server = new Hapi.Server({
port: 3000,
host: '0.0.0.0'
});
server.route({
method: 'GET',
path: '/',
handler(request, h) {
const type = Content.type('application/json; some=property; and="another"');
return type;
}
});
await server.start();
console.log('Server running at:', server.info.uri);
};
process.on('unhandledRejection', (err) => {
console.log(err);
process.exit(1);
});
init();
In this code, invoking Content.type with the specified Content-Type string allows us to parse it effectively. The output we receive will look like this:
{"mime":"application/json"}
Parsing the Content-Disposition Header
Similarly, we can utilize the Content.disposition method to create an object from the Content-Disposition request header. Here's how:
const Hapi = require('@hapi/hapi');
const Content = require('@hapi/content');
const init = async () => {
const server = new Hapi.Server({
port: 3000,
host: '0.0.0.0'
});
server.route({
method: 'GET',
path: '/',
handler(request, h) {
const disp = Content.disposition('form-data; name="file"; filename=file.jpg');
return disp;
}
});
await server.start();
console.log('Server running at:', server.info.uri);
};
process.on('unhandledRejection', (err) => {
console.log(err);
process.exit(1);
});
init();
The result of this operation will yield:
{"name":"file","filename":"file.jpg"}
CSRF Crumb Generation and Validation
Using the @hapi/crumb module, we can generate and validate CSRF crumbs efficiently. Below is a sample implementation:
const Hapi = require('@hapi/hapi');
const Crumb = require('@hapi/crumb');
const init = async () => {
const server = new Hapi.Server({
port: 3000,
host: '0.0.0.0'
});
await server.register({
plugin: Crumb,
options: {}
});
server.route({
path: '/login',
method: 'GET',
options: {
plugins: {
crumb: {}},
handler(request, h) {
return 'success';}
}
});
await server.start();
console.log('Server running at:', server.info.uri);
};
process.on('unhandledRejection', (err) => {
console.log(err);
process.exit(1);
});
init();
In this setup, we register the plugin and create a /login route that allows for crumb validation.
Generating Random Strings with Crypto
The @hapi/cryptiles module enables us to generate various random strings for our Hapi applications. Here’s a basic example:
const Hapi = require('@hapi/hapi');
const cryptiles = require('@hapi/cryptiles');
const init = async () => {
const server = new Hapi.Server({
port: 3000,
host: '0.0.0.0'
});
server.route({
method: 'GET',
path: '/',
handler(request, h) {
return cryptiles.randomString(10);}
});
await server.start();
console.log('Server running at:', server.info.uri);
};
process.on('unhandledRejection', (err) => {
console.log(err);
process.exit(1);
});
init();
This script will return a random string of length 10. Additionally, we can generate alphanumeric strings and random digits in a similar manner:
const Hapi = require('@hapi/hapi');
const cryptiles = require('@hapi/cryptiles');
// Generate Alphanumeric String
// ...
// Generate Random Digits
// ...
Conclusion
We have explored how to parse the Content-Type and Content-Disposition headers using the @hapi/content module. Additionally, we learned how to create random strings using the @hapi/cryptiles module, providing essential tools for robust server-side development.
Chapter 2: Practical Examples
Explore how to build a RESTful API from scratch using Node.js and Express in just 100 seconds.
This comprehensive ethical hacking course covers key concepts in just three hours.