Building Enterprise Mobile Backends with Open Source Platforms
40
Building Enterprise Mobile Backends with Open Source Platforms Antonio Calanducci http://www.etnatraining.it
-
Upload
etnatraining -
Category
Technology
-
view
5.001 -
download
2
description
In the last couple of years several Mobile Backend as a Service (MBaaS) providers are hitting the market offering varying level of services and features. While those services are great to have backends for mobile and web apps ready in minutes and often without writing any server side code, those solutions are not always suitable in the enterprise context, where security and data privacy are key requirements. Moreover, most of the MBaaS on the market, while sharing similar features, such as User Management, Photo Collections, Custom Objects, Push Notifications and Social Network integration, often don't offer capabilities of connecting to existing data. In this workshop, we introduce two open source platforms, DreamFactory and LoopBack, that permit to create custom Backends on your data center or in your own cloud hosting. This allows a company to use the same deployment and management practices that they are already using for other applications. They don?t need to trust external MBaaS providers that could have potentially access to their data. In particular, we illustrate how those platforms permit to securely expose existing data coming from different source, building CRUD REST APIs to be consumed by mobile clients and HTML5 web apps. Data sources could be relational or non-relational database or in turn other REST APIs, with the ability to create relations and associations between them. Additionally API access can be restricted with user authentication and authorization implementing Access Control Lists.After demoing the two platforms, we will provide a comparison between them.
Transcript of Building Enterprise Mobile Backends with Open Source Platforms
Building Enterprise Mobile Backends with Open Source Platforms
Antonio Calanducci
http://www.etnatraining.it
www.etnatraining.it
Agenda!
Overview of mBaaS features
Enterprise requirements for mobility
DreamFactory, the open source REST API platform
Demo
Build your own mobile backend with LoopBack
Demo
www.etnatraining.it
About meFounder of EtnaTraining
Appcelerator Training Partner
Titanium Certified Instructor / Developer
Tecnologyst@National Institute of Nuclear Physics and contract professor@University of Catania, Italy
Consultant at World Food Programme, Rome
@tcaland
www.etnatraining.it
BaaS OverviewAcronym of “Backend as a Service”
APIs that offer a set of predefined services out of the box for application developers
Example of services:
Users, Files, Collections, Custom Objects, Email, Photos, Social Integrations, Analytics
Push Notifications, Locations, Geofencing (m)
mBaaS: m stands for “mobile”
www.etnatraining.it
Benefits of mBaaSReduce server side coding (or in some simpler cases, eliminate)
developers can focus on front-end development; faster schedules
often providers offer SDKs that wrap REST API calls and handle in/out parameters:
both HTML/JS and native (iOS, Android, Windows Phone)
No server setup hassle, ready to use
Deployed on the cloud, with built-in scalability
www.etnatraining.it
Popular mBaaS providersParse (acquired by Facebook)
JSON Objects, Social, Local Datastore, Custom server-side login, Push
20Gb storage/2TB transfer/1M recipients/30req/s
Kinvey
AuthLinks/OAuth/Data encryption
100 active users/2Gb/5M push-emails
Appcelerator Cloud Services (ACS)
20built-in services, 5M API calls per month, 20Gb, 250k API calls per day, Custom Server-side with Node.js
www.etnatraining.it
Commercial mBaaS for enterprise?Generally data backed on NoSQL db
Enterprise requirements:
generally uses SQL db
integrate with legacy databases
access (structured) relational data with ACLs
Biggest problems: data privacy
where data is stored? who has access to it? is data replicated? disaster recovery plans
Data lock-in
Any solution?
Build your OWN mBaaS and deploy it on-premises
(or your virtual private cloud)
www.etnatraining.it
DreamFactory: enter the Service PlatformProvides access to backend services through a standard REST APIs to:
local and remote SQL Services
storage services
NoSQL databases
No lock-in:
backend can be swapped while app is running or switched easily from development, test, production environments
no need to recode client apps
www.etnatraining.it
Cloud Lock-inThe API Jungle!
Developer!
Different interfaces, security models, and!
user permissions!
NoSQL!
IaaS!
SQL!
External!Storage!
PaaS!
www.etnatraining.it
DreamFactory Service Platform
Client!Developer!
Unified interface,!security model, and!user permissions!
NoSQL!
IaaS!
SQL!
External!Storage!
PaaS!
www.etnatraining.it
DreamFactory: featuresOpen Source
PHP/Symphony/Angular.JS
Deployable in the Cloud or on-premises
Amazon/VMWare/Azure VMs, BitNami installer
Packages for Linux Distros (RedHat, Ubuntu, Debian)
User management, user roles and permissions, and secure password hashing
Flexible access control over applications, services, files, and database CRUD permissions
www.etnatraining.it
DreamFactory: featuresSupported SQL DBs:
MySQL, PostgreSQL, MSSql (Oracle soon)
Supported NoSQL DBs:
MongoDB, CouchDB, DynamoDB, Azure Tables
Storage Supported:
Amazon S3, LocalStorage, OpenStack, Azure BLOB
External WebService (SOAP/REST), OAuth supported with Portal Service
Custom server side scripts with JavaScript (V8 engine)
www.etnatraining.it
DreamFactory: client SDKNative Mobile Clients:
iOS, Android, Windows 8
HTML5/JavaScript
AngularJS, Sencha, jQuery, PhoneGap/Cordova
Titanium SDK since version 1.5
Titanium Classic, wrapper over HTTP with Promises
www.etnatraining.it
Getting started with DreamFactoryDownload the Bitnami installer or VM images at:
https://bitnami.com/stack/dreamfactory
or sign up for the Free Hosted Edition at:
https://www.dreamfactory.com/user/register
Open you browser at:
http://localhost:8080
and login to the DSP LaunchPad with your admin credentials
Create a new App, create a new Table (Schema panel), populate the table (Data panel), browse the table via API/SDK panel
!
www.etnatraining.it
DSP REST APIsCreate an User and a Role, assign the Role to the created App and assign the Database service to the Role
Login the user with:
curl -X POST -d '{"email": "[email protected]", "password": "pippo1234"}' http://localhost:8080/rest/user/session?app_name=Todo
Keep note of the returned session_id
Fetch all the records with:
curl -H "X-DreamFactory-Session-Token: 8rena0119llqjagvfdn08kh6f2" http://localhost:8080/rest/db/todo2?app_name=todo
Add some records with:
curl -X POST -H "X-DreamFactory-Session-Token: 8rena0119llqjagvfdn08kh6f2" -d '{"title":"new todo", "location": "somewhere", "completed": false}' http://localhost:8080/rest/db/todo2?app_name=todo
www.etnatraining.it
Access your existing SQL DBCreate a new service of type Remote SQL DB
API name is the REST endpoint
Set the Username and Password to your DB
Set the connection string to the DB:
mysql:host=localhost;dbname=etnatraining.it
Add the new created services to the previous created Role
Access your DB through REST APIs:
curl -H "X-DreamFactory-Session-Token: gpapq4itp198g6c38sk3gvr9j3" ‘http://localhost:8080/rest/etna/wp_posts?app_name=Todo&limit=1&post_type=feedback'
www.etnatraining.it
Titanium DreamFactorySimple wrapper over DSP REST APIs available here:
https://github.com/dreamfactorysoftware/titanium-dreamfactory
Use JS Promises to avoid callback hell
Provided as a Common.JS module:
include dreamfactory.js and Promises.js
A simple GET request looks like this:
!
www.etnatraining.it
Trainees appSimple Titanium Alloy App that fetches Trainees that attend to EtnaTraining classes on Titanium
DSP used to access the www.etnatraining.itWordPress backend
Source code available at:
https://github.com/EtnaTraining/Trainees
!
www.etnatraining.it
DreamFactory featuresApp hosting for HTML5 apps
Lookup keys
Connect to existing users in SQL or NoSQL
Server Side Filters
Fine grained table permissions based on user, role, application
Server side events
events can trigger custom scripts on select, update, insert, delete, describe
!
!
www.etnatraining.it
LoopBack Open Source API framework powered by Node.js
Made by StrongLoop
Developers of a commercial version of Node.js with clustering and monitoring support
contributors to Node.js and several npm packages
Allows to create REST APIs on top of enterprise data
Provides built-in services to handle:
Push Notifications, Geolocation, Offline replication and synchronization, File Storage
www.etnatraining.it
LoopBack ModelsREST APIs are based on Models
defined based on existing schema (both relational and no relational)
open model (free form)
can be discovered automatically
can be synchronized if developer change model definition
can be defined in code with JavaScript APIs (both in the client and in the server, isomorphic JS) and/or in JSON file with LDL (LoopBack Definition Language)
www.etnatraining.it
LoopBack ConnectorsAllows models to talk to different data sources. Available connectors:
MySQL, PostgreSQL, Oracle, MSSql
In-memory
REST
NoSQL Db (MongoSQL)
www.etnatraining.it
LoopBack featuresModel relations support
define hasMany, belongsTo, hasAndBelongsToMany relationships
User authentication and authorization for models:
oAuth user and registration models
Fine grained Role-based access control list
offline support and data replication (new!)
custom remote method definition with events
www.etnatraining.it
Getting started with LoopbackInstall with npm:
npm install -g strong-cli
Create a LoopBack project
slc lb project mybackend
Create a model interactively
cd mybackend
slc lb model todo -i
slc lb model anything (free form model)
Run your loopback app:
node app
Browse your REST API at:
http://localhost:3000/explorer
www.etnatraining.it
Let’s play with the REST APIsOur todos model is available at:
http://localhost:3000/api/todos
Create some todo model instances:
curl -X POST -H "Content-Type:application/json" -d '{"title": "Buy the milk", "location": "Amsterdam", "completed": false}' http://localhost:3000/api/todos
Retrieve all the completed todos:
GET to http://localhost:3000/api/todos?filter[where][completed]=true
curl 'http://localhost:3000/api/todos?filter%5Bwhere%5D5Bcompleted%5D=true'
www.etnatraining.it
Make the model instances persistentCreate a datasource:
slc lb datasource mylocaldb --connector mysql
Install the loopback-connector-mysql
npm install loopback-connector-mysql
Edit the datasources.json:
!
Change models.json and set:
"dataSource": "mylocaldb"
PS: You have to had previously created the todo table into the db
www.etnatraining.it
Model discovery from SQL dbLoopback provides methods to create model from existing data:
Create first the datasource in datasources.json:
!
Call the method discoverSchema() or discoverAndBuildModels() on the defined datasources:
run discovery.js:
!
!
node discovery.js >> wp_posts.json
add the discovered models to models.json
www.etnatraining.it
Some query example with filtersLimit the number of entries
http://localhost:3000/api/WpPosts?filter[limit]=5
Select only given fields:
http://localhost:3000/api/WpPosts?filter[fields][postContent]=true&filter[fields][postTitle]=true&filter[limit]=20
Select only fields with a given value:
http://localhost:3000/api/WpPosts?filter[where][postType]=feedback&filter[limit]=3
www.etnatraining.it
Model synchronization with SQL dbWe have seen how to access pre-existing data on SQL DBs
But we can also define new models and Loopback can create or update DB schema for us:
Define the datasource
Define the new schema(you can also in code)
call the ds.automigrate() method
WARNING: if the schema alreadyexists in the DB, it will be droppedand all data lost
www.etnatraining.it
Model synchronization with SQL dbWe can also alter the model without destroying existing data, if we change our Model:
Define the datasource
Define the new schema(this can also be done in code)
call the ds.autoupdate() method
Loopback will calculate thedifferences between the new modeland table schema definition
www.etnatraining.it
Loopback SDKsNative Mobile SDKs:
iOS (Objective-C), Android (Java)
Browser SDKs:
Angular.JS (isomorphic LoopBack)
REST APIs
Titanium SDK?
Option 1: Use the REST API
Option 2: Alloy Wrapper (in progress) made by Aaron Saunders:
https://github.com/aaronksaunders/strongloopAlloy
www.etnatraining.it
DreamFactory vs LoopBack
DreamFactory LoopBack
No code required CLI helps, but definitively required
Super easy to use Learning curve can be quite steep
customization is limited (server side scripts/events)
great customization of your REST API: it’s a platform and
you build an appClassical Horizontal scaling if
you deploy on the Cloud (OpenShift)
easy to scale and monitor with StrongLoop cluster support and
StrongOps
Currently not supported, but soon available
Provide specific mobile services: cross-platfom push
notification, geolocation
www.etnatraining.it
ReferencesDreamFactory homepage
https://www.dreamfactory.com/
DreamFactory Documentation
http://dreamfactorysoftware.github.io
Loopback home page:
http://loopback.io/
Loopback documentation
http://docs.strongloop.com/display/LB/LoopBack
Thank you!
