Node.js comes with a slew of external libraries that do things. In practice, these are more like essentials than addons. Express, body-parser, ejs view engine, passport.js, sequelize database handler, and much, much more are almost requirements for node.js to work as a server.
If it were merely about dependencies I would just live with it, especially at this learning stage, but that is definitely not the case with this house of cards. The biggest issue I’m facing with writing code for the back-end (ie. server) using node.js is the acrobatics it requires of me.
I’ll use the example of trying to set up user authentication to bring you through the source of my recent headaches.
The nightmare of setting up user authentication with passport.js
Ok, here goes. To set up a web app with user sign up and login (what we call authentication and, when it pertains to permission to view certain pages, authorisation), we need to use an external library called passport.
Before I can write a line of code that defines the logic for authentication and authorisation, I need to set up my server to “require” these and various other packages. In this case, I also need the express-session package because passport needs that to work.
After writing a bunch of “require” and “app.use” statements, I then have to create new folders to store a few other files that are absolutely necessary for it to function properly: 1. /config/ppConfig.js to set up the behaviour of passport 2. /controllers/auth.js to receive the signup, login and logout routes and control what happens when the user lands on the page
Ok, I’m back, and quite frankly I don’t feel inclined to spell out the rest of the process. It’s just mind-numbing! (If you have questions though, I’ll gladly help as I can. Just post your question as a comment.)
What is the point?
Yes, I have a point I’m trying to make, and it’s this: it shouldn’t be this hard!
I’ve read in several places about a particular kind of professional whose main goal is to build systems so that life can be better, less repetitive and mundane, more colourful…
Programmers are not supposed to have to deal with unnecessary complexity, and this is clearly what it is. It should be easier. With a community as lively as it can possibly be, there should be a project to unite these common server tasks (how many websites don’t need authentication and authorisation nowadays?) into a much leaner machine.
Until that happens, I’m afraid the only way out is through.
(image: Joel Herzog)