Deploying a robust and scalable is fundamental in building modern web applications. Ensuring the security of your API is equally crucial to protect sensitive data and maintaining user trust. This tutorial will guide you through deploying a scalable and secure Node.js REST API with MongoDB on Aptible. REST API This powerful deployment platform offers robust application hosting, scaling, and security solutions. Content Overview Importance of Deploying Scalable and Secure REST APIs Prerequisites Setting Up the Development Environment Connecting to MongoDB Building the Node.js REST API Deploying on the Aptible Platform Why use aptible for containerization and orchestration Conclusion Importance of Deploying Scalable and Secure REST APIs REST (Representational State Transfer) APIs have become the cornerstone of web applications, enabling seamless communication between the front and back end. As your application gains traction, the demand for your API will inevitably increase. Scalability: A scalable API can handle higher traffic loads without compromising performance, ensuring a smooth user experience even during peak usage. Security: Handling user data and sensitive information requires airtight security measures to prevent data breaches and unauthorized access. Secure APIs employ encryption, authentication, and authorization mechanisms to safeguard user data and the overall system. If you are looking for a PaaS to help you build and deploy your applications quickly and easily, then Aptible's PaaS is a great option. Prerequisites Before you begin, ensure you have the following prerequisites: Install Git Create an Aptible account Install the Aptible CLI Add an SSH public key to your Aptible user account Install and setup MongoDB Install Nodejs and Express Setting Up the Development Environment Now that you’ve completed the prerequisites and created your Aptible project set up your development environment. 1. Create a New Project Directory Navigate to a directory where you'd like to create your project. In the terminal, create a new directory and navigate into it: mkdir multitenant
cd multitenant 2. Initialize Your Project with NPM You will use npm (Node Package Manager) to manage your project's dependencies and configurations. Run the following command to initialize your project: npm init -y This command generates a file that will store information about your project and its dependencies. package.json 3. Install the Express Framework Express is a minimal and flexible Node.js web application framework you will use to build your REST API. Install Express using npm: npm install express Your project directory structure should now look something like this: multitenant/
├── node_modules/
├── package.json
└── package-lock.json Connecting to MongoDB 1. Create a database.js File Inside your project directory, create a new file called . This file will set up the connection to your MongoDB database. database.js 2. Import the MongoDB Module and Set Up a Connection Open in your preferred code editor and add the following code: database.js const MongoClient = require('mongodb').MongoClient;

const uri = 'mongodb://your-mongodb-uri'; // Replace with your actual MongoDB URI
const client = new MongoClient(uri, { useNewUrlParser: true, useUnifiedTopology: true });

client.connect(err => {
  if (err) {
    console.error('Error connecting to MongoDB:', err);
    return;
  }
  console.log('Connected to MongoDB');

  // You can now use the 'client' object to interact with the database
}); Replace with the actual connection string for your MongoDB database. 'your-mongodb-uri' The above code establishes a connection to the MongoDB database using the MongoDB driver's . You handle any connection errors and, if successful, log a confirmation message. MongoClient Building the Node.js REST API With your development environment and the MongoDB connection established, Its time to start building our Node.js REST API using Express. 1. Create a File server.js In your project directory, create a new file called and add the following code: server.js const express = require('express');
const bodyParser = require('body-parser');
const mongoose = require('mongoose');

const app = express();
const PORT = process.env.PORT || 3000;

app.use(bodyParser.json());

mongoose.connect('mongodb://localhost/organization-app', {
  useNewUrlParser: true,
  useUnifiedTopology: true,
});

const Organization = require('./models/Organization');
const User = require('./models/User');
const Store = require('./models/Store');

// Define your endpoints here

app.listen(PORT, () => {
  console.log(`Server is running on port ${PORT}`);
}); 2. Define your MongoDB models: Create separate files for each model in a models directory: : models/Organization.js const mongoose = require('mongoose');

const organizationSchema = new mongoose.Schema({
  name: String,
  email: String,
  department: String,
  password: String,
  isAdmin: Boolean,
  users: [{ type: mongoose.Schema.Types.ObjectId, ref: 'User' }],
});

module.exports = mongoose.model('Organization', organizationSchema); : models/User.js const mongoose = require('mongoose');

const userSchema = new mongoose.Schema({
  name: String,
  email: String,
  password: String,
  role: String,
  organization: { type: mongoose.Schema.Types.ObjectId, ref: 'Organization' },
  stores: [{ type: mongoose.Schema.Types.ObjectId, ref: 'Store' }],
});

module.exports = mongoose.model('User', userSchema); : models/Store.js const mongoose = require('mongoose');

const storeSchema = new mongoose.Schema({
  name: String,
  description: String,
  link: String,
  user: { type: mongoose.Schema.Types.ObjectId, ref: 'User' },
  isPrivate: Boolean,
});

module.exports = mongoose.model('Store', storeSchema); Define your REST endpoints in the file: server.js // Create a new organization
app.post('/organizations', async (req, res) => {
  try {
    const organization = await Organization.create(req.body);
    res.status(201).json(organization);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Get all organizations
app.get('/organizations', async (req, res) => {
  try {
    const organizations = await Organization.find().populate('users');
    res.json(organizations);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Get a specific organization
app.get('/organizations/:id', async (req, res) => {
  try {
    const organization = await Organization.findById(req.params.id).populate('users');
    res.json(organization);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Update an organization
app.put('/organizations/:id', async (req, res) => {
  try {
    const updatedOrganization = await Organization.findByIdAndUpdate(
      req.params.id,
      req.body,
      { new: true }
    );
    res.json(updatedOrganization);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Create a new user
app.post('/organizations/:orgId/users', async (req, res) => {
  try {
    const user = await User.create({ ...req.body, organization: req.params.orgId });
    const organization = await Organization.findByIdAndUpdate(
      req.params.orgId,
      { $push: { users: user._id } },
      { new: true }
    );
    res.status(201).json(user);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Get all users for an organization
app.get('/organizations/:orgId/users', async (req, res) => {
  try {
    const users = await User.find({ organization: req.params.orgId }).populate('stores');
    res.json(users);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Update a user
app.put('/users/:id', async (req, res) => {
  try {
    const updatedUser = await User.findByIdAndUpdate(req.params.id, req.body, { new: true });
    res.json(updatedUser);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Create a new store for a user
app.post('/users/:userId/stores', async (req, res) => {
  try {
    const store = await Store.create({ ...req.body, user: req.params.userId });
    const user = await User.findByIdAndUpdate(
      req.params.userId,
      { $push: { stores: store._id } },
      { new: true }
    );
    res.status(201).json(store);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
});

// Get all stores for a user
app.get('/users/:userId/stores', async (req, res) => {
  try {
    const stores = await Store.find({ user: req.params.userId });
    res.json(stores);
  } catch (error) {
    res.status(500).json({ error: 'Internal server error' });
  }
}); 4. Create a Dockerfile for Your Application In your project directory, create a file named . This file will contain instructions for building your Docker image. Dockerfile Open and add the following code: Dockerfile # Use the official Node.js image as the base image
FROM node:16

# Set the working directory inside the container
WORKDIR /app

# Copy package.json and package-lock.json to the working directory
COPY package*.json ./

# Install project dependencies
RUN npm install

# Copy the application code to the container
COPY . .

# Expose the port that the app will run on
EXPOSE 3000

# Start the application
CMD ["node", "server.js"] This Dockerfile sets up a Node.js runtime, installs dependencies, copies your application code and specifies the command to start the application. Push your project to GitHub. allows us to package our application and its dependencies and configurations into a single container that can easily deploy across different environments. Docker Deploying on the Aptible Platform Congratulations! Your Node.js REST API is now containerized using Docker. You can now deploy it on the Aptible platform, providing a streamlined application deployment process focusing on security, compliance, and scalability. To get started, you will need to create an Aptible project. This can be done by following the step-by-step guide below: Login to Aptible via the CLI using the below command. aptible login Follow the instruction to login into your Aptible account. Create an Environment by running the below command. Syntax: aptible apps:create <App name> --environment=<environment name> Command: aptible apps:create multitenant --environment=env-prodz You will see something similar to this: App multitenanst created!

Git Remote: git@beta.aptible.com:env-prodz/multitenanst.git Add the Aptible Git remote for this app, then push to the remote to begin deployment: Syntax: git remote add aptible <Git Remote>

      git push aptible main Command: git remote add aptible git@beta.aptible.com:env-prodz/multitenanst.git

      git push aptible main You will be presented with a prompt similar to this. This key is not known by any other names

Are you sure you want to continue connecting (yes/no/[fingerprint])? After typing ,  you will see something similar to this. yes remote: INFO -- : COMPLETED (after 0.06s): Commit service cmd in API

remote: INFO -- : STARTING: Cache maintenance page

remote: INFO -- : COMPLETED (after 0.05s): Cache maintenance page

remote: INFO -- : STARTING: Commit app in API

remote: INFO -- : COMPLETED (after 0.2s): Commit app in API

remote: INFO -- : App deploy successful.

remote: (8ミ | INFO: Deploy succeeded.

To beta.aptible.com:env-prodz/multitenanst.git

 * [new branch] main -> main Congratulations! Your app is deployed! Add an Endpoint Endpoints are used to terminate SSL/TLS and expose your application's services to the outside internet. Traffic received by the Endpoint will be load-balanced across all the Containers for the service, allowing for highly-available and horizontally-scalable architectures. a. In your dashboard, click on your app name multitenast b. Click on Endpoint c. To create your first endpoint, click the button. The default settings will route traffic to your application using the * domain. You can always create a custom endpoint with your domain later. Save Endpoint .on-aptible.com You can create an Endpoint via the CLI https://www.aptible.com/docs/cli-endpoints-https-create Note: If you encounter an error run this command aptible restart Create a database Aptible makes it easy to connect your Apps and Databases. Databases are automatically connected to provisioned Apps within the same Stack. Supported database types include PostgreSQL, MongoDB, Redis, MySQL, CouchDB, Elasticsearch, RabbitMQ, and InfluxDB. a. In your environment dashboard, click on the tab database b. To create your first database endpoint, follow these steps: This name will be used to identify your database in the Aptible console. It should be a unique and descriptive name. Choose a name for your handle. Aptible supports a variety of database providers, including MySQL, PostgreSQL, and MongoDB. Choose the database provider that best suits your needs. Choose a database provider. Aptible offers different versions of each database provider, each with its features and capabilities. Choose the version that best meets your needs. Select a version. The container size determines the amount of memory and CPU that your database will have. Choose a container size that is large enough to meet your needs but not so large that you are wasting resources. Choose a container size. The disk size determines the amount of storage space that your database will have. Choose a disk size that is large enough to store your data but not so large that you are wasting money. Choose a disk size. This will create your database endpoint. Click Save Database. Now, update your MongoDB URL with your Aptible credentials. You can find your credentials by visiting your database dashboard and clicking "Reveal Credentials." To access your backend endpoints, go to "Endpoints" and copy your . HOSTNAME You can then test your endpoints on any API testing platform, such as POSTMAN. To see the complete multitenant project and the API documentation, please refer to my GitHub repository here: https://github.com/wise4rmgod/Multitenant Continue deploying! Edit your codebase, commit changes, and push to Aptible to see them go live instantly. git commit -a -m "Commit changes to view on Aptible"
      git push aptible main Why use Aptible for containerization and orchestration? Aptible's PaaS (Platform as a Service) is a fully managed platform that makes deploying, managing, and scaling containerized applications easy. With Aptible's PaaS, you don't need to worry about the underlying infrastructure, so you can focus on building your applications. It offers several features that make it ideal for containerization and orchestration, including: Aptible's PaaS takes care of all the underlying infrastructure so you can focus on building your applications. Managed infrastructure. Security: Aptible provides several security features to help you keep your applications safe, such as role-based access control (RBAC), intrusion detection and prevention (IDS/IPS), and automatic security updates. Compliance: Aptible complies with several industry regulations, such as HIPAA, PCI DSS, and SOC 2. This makes it a good choice for applications that comply with these regulations. Scalability: Aptible is designed to automatically scale your applications up or down based on demand. This can help you save money on your cloud costs. Monitoring: Aptible provides several monitoring tools to help you track the performance and health of your applications. This can help you identify and fix problems before they impact your users. Ease of use: Aptible is a very easy-to-use platform. You can start with just a few clicks; no complex configuration steps are required. Aptible is very cost-effective. You only pay for the resources that you use, and there are no hidden fees. Cost-effectiveness: Aptible offers excellent support. You can get help from their team of experts 24/7. Support: If you are looking for a platform to help you with containerization and orchestration, I highly recommend Aptible. It is a secure, compliant, scalable, and easy-to-use platform that can help you save money and improve the performance of your applications. Conclusion In this guide, You successfully deployed a secure Node.js REST API with MongoDB on Aptible's platform. By following these steps, you've learned to create a robust and scalable environment for your app. containers and Aptible orchestration ensure scalability as your user base grows. With this deployment, you can confidently expand your app's features. This guide equips you to create, secure, and scale modern web applications on Aptible. Docker

Walkthroughs, tutorials, guides, and tips. This story will teach you how to do something new or how to do something better.

A Beginner's Guide to Using Large Language Models (LLMs) With the PaLM API

ZK Rollup: The Most Preferred Ethereum Layer 2 Scaling Solution

Join my technical writing mentorship program

Read My Stories

Too Long; Didn't Read

Make resilience your competitive advantage

Deploying a Scalable and Secure Node.js REST API with MongoDB on Aptible

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

Standing on the Shoulders of Giants: Conversations with the OGs of Technical Writing

The Noonification: How to Deal With Flapping or Broken Tests (11/29/2023)

The Noonification: Delving Into OpenTelemetry Collector (11/18/2023)

The Noonification: How to Implement a Merkle Tree in Solidity (11/12/2023)

105 Stories To Learn About K8s

Standing on the Shoulders of Giants: Conversations with the OGs of Technical Writing

The Noonification: How to Deal With Flapping or Broken Tests (11/29/2023)

The Noonification: Delving Into OpenTelemetry Collector (11/18/2023)

The Noonification: How to Implement a Merkle Tree in Solidity (11/12/2023)

105 Stories To Learn About K8s

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps