Reflektive @ JSFoo 2018
JSFoo is one of the biggest conferences on Javascript in India. It was a two day conference. This year’s theme was “javascript and security”. There were some great talks this year on writing secure code for both backend and frontend. Talks had a good mix of beginner and advanced level.
Team Reflektive attended the conference this year. We had great time listening to the talks and interacting with the javascript community in Bangalore.
Here are some of the talks we liked and you shouldn’t really miss (in no particular order).
Complex features made easy with RxJS by Ben Lesh
This is a very quick introduction on observables and rxjs by Ben Lesh, Lead developer on rxjs. This talk and a couple of old talks Ben cited during this presentation will help you grok rxjs and observables. Please do check this along with the other two talks (links at the end).
He walked us through the code of a news feed application implemented with a twitter style pull down to refresh with all the animations using rxjs. It demonstrated how animations, browser events and backend data fetching fit into observables.
What makes JSON Web Tokens (JWT) secure? by Siddharth Kshetrapal
JSON Web Token are client tokens used for authorization of the client. This is a string which is sent in HTTP request (from client to server) to validate authenticity of the client. If you don’t know what JWTs are and looking forward to learn more, this is the talk for you!
In this talk, Siddarth introduced us to JWTs, explained in detail the three parts of the token. He walked us through the common mistakes people make when implementing JWT and how these mistakes could lead to security risks. He also demonstrated common tricks to hack using JWT and mitigation strategies.
Using service workers to improve dynamic image delivery in the browser by Rahul Nanwani
More and more people are using web using mobile phones. This means not so great mobile network speeds. Images contribute about 50% of the total page size. This talk gives a solution to deliver different quality images based on network speed of the user.
This relies on latest network information api to determine the speed of network. Uses service workers to intercept image requests to add additional quality parameters based on the network speed. .
Architecture of scalable and resilient Node JS apps with GraphQL & event-driven serverless by Shahidh K Muhammed
Serverless is getting popular these days for the simplicity and ability to handle scale. So is GraphQL for fetching data for multiple data sources.
In this talk, Team Hasura presented a really interesting way to using serverless and graphql subscriptions together to build a real time database. In a nutshell, database triggers are setup to call serverless function, which in turn could change the database which will trigger a new serverless function and so on. Clients have to query the information using graphql subscription.
Speaker demoed a food delivery tracking system using this system. It was a pretty cool demo and engaging talk. Don’t miss this one!
Web Workers: A musical introduction by Ritesh Kumar
Web Workers is a simple means for web content to run scripts in background threads. The worker thread can perform tasks without interfering with the user interface.
In this talk, Ritesh gave an intro to javascript event loop, asynchronous and synchronous code. He developed a piano playing app which required parsing of midi files. Parsing these files is blocking. There are other challenges in making piano playing app in browser. This is a good case study to understand how one can offload blocking tasks to web workers.
Authentication done right: Consuming (and serving) Oauth 2.0 by Arnav Gupta
Authentication and authorization are the critical components for building any consumer facing application. Arnav gave us a very good case study for implementing oauth service at coding blocks for handling multiple frontends and microservices.
Others
There were multiple talks on web application security for servers and client side. There is lot of overlapping content in these talks.
Oracle presented the mysql 8.0 which adds support for nosql, document storage with collections like mongodb. Mysql now also have javascript library with support of promises.
All the talks are available online now!
