It feels like 2019 just started, but we are somehow already in March. February flew by, but while the month was short, the list of things the LoopBack team accomplished in the month was the opposite. In February, we tackled authentication and authorization, spikes on migration from LoopBack 3 to LoopBack 4, preparation for events, and others. You can see the February milestone and see the March milestone to see what we are working on next. Read more to see the details of our progress in February.
Authentication and Authorization
We refactored the JWT authentication strategy in
loopback4-example-shopping to be more modular and leveraged functions from
jsonwebtoken to perform a more robust password hashing and comparison. The token based utilities are refactored into a token service, so that it can be injected into the controller and strategy classes using Dependency Injection. The
bcrypt password hasher service is created similarly.
Our next step is to write a guide for plugging in different authentication strategies and depicting the API flow of authenticating the endpoints. In the meantime, we will be adding more abstractions to shape the authentication system as the groundwork before opening the extension points for the authentication system. You could check the subsequent stories in issue #1035 and track our progress there.
Migration from LoopBack 3 to LoopBack 4
LoopBack has a guide on migrating applications from LoopBack 2 to LoopBack 3, and it’s only fitting that we include a guide on migrating applications from LoopBack 3 to LoopBack 4 as they reach feature parity. However, the latter’s transition is more complicated than the former’s transition. We have an epic, if you would like to see more details.
This month, we did two spikes to work on this transition. We started with a proof of concept demonstrating how to take LoopBack 3 model definition files (e.g.
common/models/product.js) and drop them without any modifications into a LoopBack 4 project. You can find the original idea in issue #2224 and the working code in pull request #2274.
Unfortunately, this approach turned out to be too expensive to implement and maintain, and we decided to abandon it.
Not all is lost, though! While discussing the proof of concept, we realized there is a simpler way how to build a bridge between LoopBack 3 and LoopBack 4: mount the entire LoopBack 3 application as a REST component of the LoopBack 4 project.
We have also identified few new stories to bridge the gap preventing LoopBack 3 applications to be migrated to LoopBack 4, see the following GitHub comment.
Generate Docker Files through the CLI
We added a new feature to the CLI: the
--docker option when generating a LoopBack application. This option generates
.dockerignore, and two Docker scripts:
docker:run. See Application generator to see how to generate an application with
Following this feature, we added a fix that forces the test host to be
HOST environment variable or IPv4 interface, which makes it easier to run LoopBack 4 application tests inside a Docker container.
Documentation on Submitting a Pull Request
We introduced a detailed list of steps to follow if you want to submit a pull request for LoopBack 4. This guide includes steps for beginners and for experienced users. It took a lot of discussion to finally nail a balanced read that was both concise and informative. You can now follow this handy resource if you would like to submit a PR to
Tutorial on Mounting LoopBack REST API on an Express Application
We added a new tutorial demonstrating how to mount LoopBack 4’s REST API on an Express application. Users can now mix both the Express and LoopBack 4 frameworks in order to best match their own use cases. In this tutorial, we mounted a
Note application created by the LoopBack 4 CLI on top of a simple Express server and served a static file. You can follow the tutorial or see the completed example by using the command
lb4 example express-composition.
New Layout for Test Files
In a series of incremental pull requests, we reworked our project layout, moved all test files from
src/__tests__ directory and updated TypeScript build configuration to place files directly to
dist folder, instead of
LoopBack 4 projects scaffolded with recent versions of
lb4 tool will use the new layout too.
Existing projects can be updated with a bit of manual work:
- Move your test files from
- Edit script in
package.jsonto use the new test location.
"test"entries from the
- Fix any broken
The pull request #2316 shows how we updated our example applications; you can use it as a reference guide.
You can now disable the OpenAPI spec endpoints (e.g.
/openapi.json) which will also disable the
/explorerendpoint by setting your rest’s
openApiSpec.disabledoption to true. See Customize How OpenAPI Spec is Served for more
rest.openApiSpecoptions. PR #2470.
You can now use a custom repository base class in your LoopBack application. PR #2235.
This month, the team went to downtown Toronto for a meetup. This included an overview of LoopBack 4, along with demonstrations of what LoopBack 4 can do. Check out the blog post about it. There was also a Quick Lab and Master Class session for LoopBack 4 in IBM’s Code@Think in mid-February. And finally, Raymond presented at DeveloperWeek 2019 where he talked about Building APIs with Node.js, TypeScript, and LoopBack.
If you want to come to our future events, keep an eye out on the Strongblog for announcements.
As the number of contributions from our community rises, we are spending an increasing part of our time on reviewing these pull requests and helping our volunteers to get their changes landed. In fact, every fifth pull request opened this month was contributed by you! Check out the community-contribution label to see pull requests by the community.
We would like to take a moment to thank everyone who has submitted a pull request; the team really appreciates your contributions.
There are also other ways for getting involved beyond code contributions. Triaging issues and reviewing pull requests are examples of activities that would help us to accelerate the success of LoopBack as an open-source project. You can learn more about different contribution opportunities in Contributing to LoopBack.
Call to Action
LoopBack’s future success depends on you. We appreciate your continuous support and engagement to make LoopBack even better and meaningful for your API creation experience. Please join us and help the project by:
- Reporting issues.
- Contributing code and documentation.
- Opening a pull request on one of our “good first issues”.
- Joining our user group.