npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

felony

v1.1.2

Published

Criminally easy framework

Downloads

30

Readme

Felony

Framework for lazy developers with security in mind that promotes good project structure and code segregation.

We at Barrage started working on Felony since Node version 6. It has been our trusted helper for years now. Up until now it has been an internal framework that we decided to wrap around existing and reliable solutions such as ExpressJS and add our toolset and helpers for the developers working on our projects.

HTTP Server is wrapper around ExpressJS framework with preloaded security defaults.

This is a complete rewrite where we have started from scratch and want to have it publicly available to help anyone that deems this helpful. At first, we will work on it and add all the features and tools we found to be helpful for us. As a potential user that means you can be a contributor as well, feel free to contact us.

Requirements

Felony has been written with node v14 in mind, it might not work with older versions of node. It assumes your are writing your application as ESM module, you will have to specify that in your package.json:

{
  "type": "module"
}

Installation

Install Felony as a dependency of your project:

npm install --save felony

Run felony in your terminal, and you should get back the Felony object. If that happens, you are all set!

However, you can create index.js file:

import { commit } from "felony";
commit();

or:

import Felony from "felony";
const felony = new Felony(process.cwd());
felony.commit();

And then you will have access to Felony through it:

node index.js

Without any passed arguments, you will just get console.dir(Felony) back that will display all the loaded modules.

To start HTTP server simply pass the http argument to index.js:

node index.js http

NOTE: you can use felony command instead of node index.js.

Singleton

Once you load the Felony, the last instance that has been loaded will be stored on globalThis object and then you can retrieve it:

import { singleton } from "felony";
const felony = singleton();

// or

const alsoFelony = globalThis.Felony;

ExpressJS

As already mentioned, Felony lifts Express as HTTP(s) server with security plugins already enabled and added by default.

We have included:

  • HPP (HTTP Parameter Pollution) protection (default: enabled)
  • Helmet package that includes:
    • contentSecurityPolicy for setting Content Security Policy (default: disabled)
    • crossdomain for handling Adobe products' crossdomain requests (default: disabled)
    • dnsPrefetchControl controls browser DNS prefetching (default: enabled)
    • expectCt for handling Certificate Transparency (default: disabled)
    • frameguard to prevent clickjacking (default: enabled)
    • hidePoweredBy to remove the X-Powered-By header (default: enabled)
    • hsts for HTTP Strict Transport Security (default: enabled)
    • ieNoOpen sets X-Download-Options for IE8+ (default: enabled)
    • noSniff to keep clients from sniffing the MIME type (default: enabled)
    • referrerPolicy to hide the Referer header (default: disabled)
    • xssFilter adds some small XSS protections (default: enabled)
  • Cors (default: enabled, but lax)

If you don't configure any of them, they will use default configurations, we strongly encourage you to research those options, and configure them for your project and needs. It will not make your application bulletproof, but will help you fend off most of the script-kiddie hackers.

  • https://www.npmjs.com/package/hpp
  • https://www.npmjs.com/package/helmet
  • https://www.npmjs.com/package/cors

Configuration

Felony will automatically load configuration files that are placed in config/ directory of your project:

To configure HTTP server, you will create config/server.js file:

export default {
  port: 5445,

  // https://expressjs.com/en/4x/api.html#express.router
  router: {
    caseSensitive: false,
    mergeParams: false,
    strict: false,
  },

  // https://helmetjs.github.io/
  helmet: {},
};

To modify default cors configurations for your server, add config/cors.js file:

export default {
  origin: "*",
  preflightContinue: false,
  optionsSuccessStatus: 204,
  methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
  headers: ["user-agent", "content-type", "accept-language", "x-forwarded-for"],
};

All the configurations will be then available on Felony.config in your application.

Environment specific configurations

Felony will recognize if you export NODE_ENV before you run it and it will be stored in Felony.environment property. This property will be used to load configuration files from config/environments/{YOUR_ENV}/any-config.js.

This means, if, for example you want to override cors configurations for your production application, you would create config/environments/production/cors.js, that would automatically override config/cors.js

then run your application with NODE_ENV set:

NODE_ENV=production node index.js

Running, helpers and application

Felony comes with integrated commands that will help you in building your project, to show what commands are available run:

node index.js commands

The commands offered as integrated will help you generate your own commands, databases, routes, middleware, events and listeners.

Routes

To create route, simply run:

node index.js command=make:route name=GetVersion.js method=GET path=/version

This will create empty route file under routes/GetVersion.js, modify it:

import Route from "felony/base/Route.js";
import { promises as fs } from "fs";
export default class GetVersion extends Route {
  method = "GET";
  path = "/version";
  description = "";
  middleware = [];
  async handle(request, response) {
    const file = await fs.readFile("./package.json", "utf-8");
    const pkg = JSON.parse(file.toString());
    response.status(200).send({ version: pkg.version });
  }
}

Start the application with:

node index.js http

...and open in your browser: http://localhost:5445/version

Thats it!

Middleware

As you have noticed, route has property middleware = [] in that array you can put paths to any middleware you create:

node index.js command=make:middleware name=LogRequest.js

Your middleware will be created under middleware/LogRequest.js:

import Middleware from "felony/base/Middleware.js";
export default class LogRequest extends Middleware {
  async handle(request, response, next) {
    next();
  }
}

IMPORTANT: You absolutely have to call next() or return response in every middleware, otherwise your server will hang once the route is called!

To add this middleware to your route, edit the route and add the path to it in middleware array:

import Route from "felony/base/Route.js";
import { promises as fs } from "fs";
export default class GetVersion extends Route {
  method = "GET";
  path = "/version";
  description = "";
  middleware = ["../middleware/LogRequest.js"]; // Note that the path is relative from routes directory
  async handle(request, response) {
    const file = await fs.readFile("./package.json", "utf-8"); // unlike fs that works from the application root where node was started
    const pkg = JSON.parse(file.toString());
    response.status(200).send({ version: pkg.version });
  }
}

Commands

Commands are useful tools that can enable you to run certain tasks for your application, and are designed to run from CLI, but can also be called from within your application.

To get started, simply use the included helper command to create one:

node index.js command=make:command name=ExampleCommand.js signature=example

Command will be created under commands/ExampleCommand.js.

Within the command you'll get async handle() {} method where you should put the command logic, and then you'll be able to simply run it:

node index.js command=example

In the command, all the arguments passed will be available in the payload object: this.payload.

Database

You can create configuration file that will hold the connection settings, for example: config/database.js:

export default {
  redis: {
    host: "localhost",
    port: 6379,
  },
};

...and this will be available under Felony.config.database

Felony, does not come with any database preferences, instead, we provide you with easy database setup:

node index.js command=make:database name=Redis.js

This will create databases/Redis.js where you will have two methods to use async handle() {} and async close() {}

Use the handle method to connect and setup the connection to any database or database ORM you wish and simply place it on the client property.

This will then automatically load on the Felony object, and you will be able to access it: Felony.db.Redis.client.

import Database from "felony/base/Database.js";
import Redisng from "redisng";

export default class Redis extends Database {
  client = null;
  async handle() {
    this.client = new Redisng();
    await this.client.connect(
      Felony.config.database.redis.host,
      Felony.config.database.redis.port
    );
  }
  async close() {
    await this.client.close();
  }
}

Events

Felony has its own kind of events called FelonyEvent that can be raised on any occasion within your application, this allows you to later extend the features and actions of your application without having to dig through the code.

To create an event, you can simply run:

node index.js command=make:event name=Hello.js

This will create simple class:

import FelonyEvent from "felony/base/FelonyEvent.js";
export default class Hello extends FelonyEvent {}

You can modify it to accept whatever payload you want when you construct the event:

import FelonyEvent from "felony/base/FelonyEvent.js";
export default class Hello extends FelonyEvent {
  payload = null;
  constructor(payload) {
    super();
    this.payload = payload;
  }
}

...and then, anywhere in your application you can raise this event:

await Felony.event.raise(new Hello({ value: true }));

Felony raises a lot of events during its runtime, you can create listeners for those events, take a look in support/events/ directory to see if there is anything you might need to listen for.

IMPORTANT: In order to not get unexpected behaviour, events must have unique name.

Listeners

Listeners are listening (go figure) for raised events, create a listener by running:

node index.js command=make:listener name=HelloListener.js
import Listener from "felony/base/Listener.js";
export default class HelloListener extends Listener {
  static listen = [];
  async handle() {}
}

This listener like this won't do much since its not listening to anything, to get it to listen for an event, add name of the event class you want it to listen, and then once the event is raised, Felony will call this listener and pass it the raised event:

import Listener from "felony/base/Listener.js";
export default class HelloListener extends Listener {
  static listen = ["Hello"];
  async handle() {
    console.log("We got event: ", this.event); // We got event: Hello {}
  }
}

Jobs and queue

Felony comes equipped with async queue and workers for longer running or memory heavy jobs.

Premise of the worker is that you will have multiple instances of your (same) application running, one (main) would be for listening HTTP requests:

node index.js http

And then you would have additional worker instances:

node index.js queue=example-queue

Let's say that you have some API endpoint where users can request export of their entire data they have in your database, this is something that would probably require you to make multiple database calls, format that data, pretty it up, and it lasts longer then a regular request would last.

So you make a plan to create a Job jobs/ExportUserData.js that would handle that export, and then later it would .zip the data and send it via email:

node index.js command=make:job name=ExportUserData.js

You will end up with something like this:

import Job from "felony/base/Job.js";
export default class ExportUserData extends Job {
  queueOn = null;
  async handle() {}
  async retryStrategy() {
    return true;
  }
}

So you start editing the Job and finally you get something like this:

import Job from "felony/base/Job.js";
export default class ExportUserData extends Job {
  queueOn = "long-execution-queue";
  async handle() {
    const userId = this.payload.userId;
    // Here we gather Users data...
    // Pretty it up and prepare it for zip...
    // Zip it in a file...
    // Email the file...
  }
  // This will trigger if handle method throws an error
  async retryStrategy() {
    if (this.error === "Some error that means we cannot retry") {
      return false;
    }

    return true;
  }
}

Armed with this job, you create new route where users can request the data:

// POST /get-all-my-data
async handle(request, response) {
  await Felony.queue.dispatch("ExportUserData.js", { userId: request.body.userId });

  response.status(200).send({ message: "Your data will be compiled, and sent to you by email shortly." });
}

HTTP Instance will receive this request and will dispatch the Job onto queue, Queue instance will pick it up from Redis and will instantiate the same job give it the payload you sent to it, and work on it in a separate process without making user wait for the response to come back.

Important notes for queues

  • Queue workers use redis, and you'll have to configure it: see example below
  • When you dispatch a Job, payload you pass to it will be JSON stringified, meaning you can send only what will survive that process.
  • Queues execute ONE JOB AT THE TIME, this is a good way to make them reliable, but if you want speed, you might need to add more listeners for the same queue.
  • Theoretically, your application queue workers don't have to be on the same server as your main app, they just need to have access to same Redis.

Configuring queue

Create a file in config/queue.js or config/{YOUR_NODE_ENV}/queue.js:

export default {
  connection: {
    host: "localhost", // Redis host
    port: 6379, // Redis port
    db: 1, // Redis db where to store jobs
  },
};

Cron

Felony comes equipped with integrated cron runner where you can easily schedule task that will happen at a certain interval.

node index.js command=make:cron name=ExampleCron.js schedule='* * * *'

This commnad will generate a cron file located in crons/ExampleCron.js where under handle() method you can define action that will happen once the schedule is up.

import Cron from "felony/base/Cron.js";
export default class ExampleCron extends Cron {
  static description = "";
  static schedule = "* * * *";
  static active = true;
  async handle() {
    console.log("ExampleCron has executed!");
  }
}

Cron runner is not active by default and you will need to activate it once you are starting your application by simply adding an argument cron

node index.js cron

cron argument can be combined with http or queue and will run in parallel with either of those two.

Crons have to be active to run and can access the whole Felony object as if they were any other part of your application.

if you have many crons you can use the integrated command to display the details about them:

node index.js command=cron:display

and you'll get a nice table with all the crons in your application:

This is a list of all CronJobs.
┌─────────┬──────────────────┬─────────────┬─────────────────────────┬──────────────────────────┬────────┐
│ (index) │       name       │  schedule   │ Human readable schedule │           next           │ active │
├─────────┼──────────────────┼─────────────┼─────────────────────────┼──────────────────────────┼────────┤
│    0    │ 'ExampleCron.js' │ '* * * * *' │     'Every minute'      │ 2020-10-28T17:37:00.000Z │  true  │
└─────────┴──────────────────┴─────────────┴─────────────────────────┴──────────────────────────┴────────┘

Additional documentation

We believe that the best documentation for code is code itself, there for we encourage you to dig through our code and inspect what is happening there, we suggest that you start with the base/ directory that holds classes each of the objects extends, they have a lot of comments and might help you understand a lot more then this readme.