Let’s start by saying, today is an important day for us. In the months since we initially launched at NodeJS Summit, it’s been an incredible journey of learning, giving back to the developer community and above all — checking out some amazing open source projects. Express Gateway If you’re just joining the conversation, we wanted to make Express Gateway, more accessible to developers who have been forced to hand roll this solution. an open source API Gateway built entirely on Express.js The catch? With Express Gateway, you actually get to leverage the vast ecosystem of Express.js middleware and other open source to get the job done. Community Driven As part of our ongoing commitment to the community, as sponsors of the Express Gateway project, we expanded on our initial ideas and , but also sent the right external signal so if you — or anyone else, , we could share our initial vision. built out a Roadmap that was flexible enough to adapt based on community input who wanted to get more involved Flexible In several user interviews, a few key insights stood out. Even when you’re trying to launch an open source project, the same design thinking principles till apply. In order to attain the kind of flexibility we were looking for, the team decided to stick to a few core concepts: Create a gateway for any language, framework Make this gateway with all microservice use cases in mind Simple Above all else, we wanted to make Express Gateway simple. API Gateways and microservices are complicated enough. Here are a few things we focused on during the initial build phase:* * Building some of the , rate limiting etc* A full blown consumer and credential management system out of the box A declarative config separated from the code to control it all most commonly used gateway policies like OAuth2 Auto-detect and hot-reload config changes Plugging in to our latest release In case you missed it, we also just had a . Express Gateway 1.2.0 adds a new plugin engine that allows anyone to add their own extension entities within a plugin. Then you can install and utilize it dynamically within Express Gateway. recent release that included an extensible Plugin Framework The Quick & Dirty: An Express Gateway plugin acts as a container and has three key things: Package.json A folder for each entity extension Manifest.js The package.json declares all dependencies that the plugin requires, just like any Node.js modules. We got to work breaking down . all of the installation, entity extension point folders, manifest.js, and more of that magic All about the code But, how easy is it to get started with an open source API Gateway like ? Express Gateway Well, let’s see. Get a the start of a real-time app up and running, complete with authentication. First install your dependencies by running. Specify a microservice and expose as an API STEP 1 We’re going to specify an existing service — to proxy and manage as if it were our own originating from within the firewall. The service allows users to do get a GET and returns back a JSON string as output. It’s freely available and we’re going to showcase the capabilities of the Express Gateway http://httpbin.org/ip Open another terminal window curl http://httpbin.org/ip { "origin": "73.92.47.31" # this will be your own IP address } STEP 2 The service will be specified as a service endpoint in the default pipeline in Express Gateway. A pipeline is a set of policies. Express Gateway has a proxy policy. Using the proxy policy within the default pipeline, the gateway will now sit in front of the service and route external requests to it as a service endpoint http://httpbin/ip cd my-gateway/config Open gateway.config.yml and find the serviceEndpoints section where a service endpoint named httpbin has been defined serviceEndpoints: httpbin: url: 'https://httpbin.org' Next find the httpbin serviceEndpoint in the proxy policy of the default pipeline …— proxy:— action:serviceEndpoint: httpbinchangeOrigin: true… STEP 3 We’re going to expose the httpbin service as an API endpoint through Express Gateway. When an API is made public through an API endpoint, the API can be accessed externally. Open gateway.config.yml Find the apiEndpoints section where an API endpoint named “api” has been defined apiEndpoints: api: host: 'localhost' paths: '/ip' Note: the path of the API request is appended to the service endpoint by default by the proxy policy STEP 4 Now that we have a API endpoint surfaced, we should be able to access the API through Express Gateway. curl [http://localhost:8080/ip](http://localhost:8080/ip) Define API Consumer STEP 1 To manage our API, we’re going to define authorized users known as “Consumers” that are allowed to utilize the API. cd my-gateway eg users create $ eg users create? Enter username [required]: bob? Enter firstname [required]: Bob? Enter lastname [required]: Smith? Enter email:? Enter redirectUri:✔ Created bob Secure the API with Key Authorization STEP 1 Right now the API is fully exposed and accessible via its API endpoint. We’re now going to secure it with key authorization. To do so we’ll add the key authorization policy to the default pipeline. In gateway.config.yml find the pipelines section where the “default” pipeline has been defined pipelines: - name: getting-started apiEndpoints: - api policies: - key-auth: - proxy: - action: serviceEndpoint: httpbin changeOrigin: true STEP 2 Assign the key credential to Bob eg credentials create -c bob -t key-auth -q $ eg credentials create -c bob -t key-auth -q 0Er0Ldv5EHSUE364Dj9Gv:2Yzq1Pngs1JYaB2my9Ge4u Note: the -q option above, limits the output to just the API key, making it easier for copying and pasting. STEP 3 Curl API endpoint without credentials — FAIL curl http://localhost:8080/ip $ curl http://localhost:8080/ip Forbidden STEP 4 Curl API endpoint as Bob with key credentials — SUCCESS! curl -H “Authorization: apiKey ${keyId}:${keySecret}” http://localhost:8080/ip $ curl -H "Authorization: apiKey 0Er0Ldv5EHSUE364Dj9Gv:2Yzq1Pngs1JYaB2my9Ge4u" http://localhost:8080/ip { "origin": "73.92.47.31" } Ready to take the Plugins for a spin? Get the code snippets you need to get started with installation, Plugin Context and other critical path examples. That’s it! Over the past few months since , Express Gateway has grown from just an idea to a more mature framework that, with a growing and more accessible ecosystem of , makes it really easy to build sustainable APIs and Microservices. This new release is just the beginning. our initial launch at NodeJS Summit plugins As always, we are excited to see what you build with . Express Gateway Before we go — we are also on Product Hunt today so stop by with some feedback and don’t forget to ask questions if you like what you see.
