Introducing the module, assessment and schedule.

Re-introduction to Javascript. Review language structure and usage.

Review the nature & structure of the DOM. Basics of JQuery library

Learn how to invoke REST services in JQuery using ajax features. Explore github and fouresquare APIs in this context.

Introduction to node development, framing the origins of node and its role in modern applications. Explore some simple node code and identify its unique features

Explore the role of the HAPI application framework. Examine routing, connections, handlers and views within HAPI. Explore HAPI views in depthReview the DRY principle and the role of layouts. Employ the handlebars templating engine, incorporating partials and other constructs.

Review the role of Sessions in web applications. Incorporate the hapi-auth-cookie plugin into HAPI application to manage sessions. Review session strategies, protected and unprotected routes, cookie passwords, timeouts and other configuration options.

Introduce Persistence layer technology, specifically via a NoSQL databases. Explore the role of an ODM in this context and review the fundamental modeling techniques.

Detecting incorrect or invalid input, and alerting the user as to the nature of the errors, is essential to a modern web application. Validation components are focused on this, and HAPI has an elegant and useful component called joi to provide a robust and efficient approach to this.

Moving the application from a local development machine to a public servers is called deployment. There are a range of options available. We will focus on heroku and zeit.

As models increase in complexity, seeding the database with an object graph is a useful technique, enhancing developer productivity. It facilitates exploratory development + early validation of model decisions.

Exposing a programmatic interface to a service can facilitate more diverse client. These can include test clients to exercises the application, a mobile application or alternative front ends.

Security context: threats and attacks. First encryption exercise

Standard security services; Cryptography: data encryption

Authentication and digital signatures. Certificates and TLS.

Test Driven Development is a keystone technique in modern application development. It comprises of a range of techniques, anchored but the XUint range of libraries and tools.

Web Application Vulnerabilities (OWASP Top Ten); Threat Modelling

APIs are said to be Restful if the adhere to a set principles encompassing url patterns, payload and general structure.

Web application authentication and related topics

Explore the Retorfit library, and use it to build java clients of our REST API

Explore the basics of SPA applications, and build a simple SPA using Aurelia

Also known as Ethical Hacking

Compose aurelia applications using independent view models. Establish shared state via EventAggregators

Client side routing is a feature of most SPA frameworks. It facilitates a more flexible and consistent user and developer experience.

Explore how to connect an aurelia app to a rest API.

Securing APIs requires different approach from session based strategies, as we may not have browser on the client. Json Web Tokens is a well established authentication mechanism for APIs.