Creating this issue following a chat with Jeff on Twitter https://twitter.com/juxtajeff/status/404416046179708928

It would be great to be able to set up various logging appender based on environment in KrakenJS, e.g.:

• in development, log to console and file
• in production, log to a rolling file

KrakenJS currently supports app config and node environment config.
However, almost all applications I've worked on need more than those 2 levels of config, e.g.:

• non node environments config, e.g. dev, test, stage, prod, DR. where each one can have multiple copies: testa, testb, testc . I guess the naming is custom.
• internal vs external config
• datacenter/region config, e.g. on the same test environment, there are some configs that would be specific to certain datacenter or region
  So a config property can override each other based on its position in the chain.

Is it possible for Kraken to consume the config files under config directory, then in app.json I can configure the config chain?

I understand that this can be done outside of Kraken. nconf works nicely, and it's indeed something that I had at my Kraken-like module at work.
But for what KrakenJS is trying to achieve, I think it's a common pattern and can translate to less plumbing to worry about for application development.

A bit of backstory (because from my experience, most NodeJS people aren't even aware this is a thing)

In django we have the concept of DRY, where we only define our routes once in the project or apps urls.py. There we give each route a regex pattern (defining some matches for kwargs and args), a name, a namespace and a controller to handle this matched route.

if for example I have a route like (using python code as an example):

url("^products/(?P<productID>\d+)/$", views.ProductDetailView.as_view(), name="product-detail"),
url("^auth/google/$", views.SocialAuthRedirectView.as_view(), name="social-auth-google")

In a template if I want to generate an url in my controllers (django calls them views):

import reverse

class SocialAuthRedirectView(RedirectView):
    def get_success_url(self, *args, **kwargs):
        return reverse("social-auth-google")

and in my templates (what you guys call views):

{% extends "base.html" %}

{% block content %}
  <a href='{% url "social-auth-google" %}'> login with google </a>
{% endblock %}

So ignoring that i'm using python here to illustrate a deficiency in most nodejs routing modules... (that of Don't Repeat Yourself), using express-enrouten, how would I achieve the above in nodejs?

I'm really not keen on hardcoding urls in my templates or my js modules. it's really bad practice and makes my modules non-portable.

Add an alias to the start command (npm start) so it fits better with the project name:
release the kraken

Hi, I am working with Sujana in Paypal professional service.
I am trying to use express validator with Kraken.
I have downloaded express validator. How can I configure it with Kraken?
I am looking at app.json file but not sure what the syntax should be.
Thank you,

Vivian Yu
Developer
[email protected]

By default, kraken is currently configured to require the use of less. This sucks. Remove the hard dependency.

Not totally sure where the behavior belongs, but we want to be able to stop the server from accepting connections and allowing it to drain existing connections before exiting. We can do this a number of ways, but adding a hook for a process signal seems most straightforward:

Add hook for an agreed upon signal (SIGTERM?)
Stop server (prevent new connections)
Add 'Connection: close' to all existing connection responses after server.close().
Once server closes, exit process with appropriate status code

I observed some error and stack trace logged to the console that was puzzling.

Per Erik:

Found it.

It's coming from the default error handler in kraken-js: https://github.com/paypal/kraken-js/blob/master/lib/middleware/error.js#L49

The error is being handled by express, thus it's technically not "uncaught".

Can you file a bug against kraken-js to improve this? Thanks,

-Erik

I would very much like it if my kraken app would auto-reload when the server source files are changed.

I'm not necessarily suggesting that this be built into Kraken — I just want to know how and where this functionality should fit into my stack. Should it baked into Kraken? Should I look into using something like remy/nodemon?

Any thoughts would be appreciated.

Hi,

Are there any plans to create an example app which uses Socket.IO? I've been trying to integrate it myself but I can't seem to get Socket.IO to listen on the express server which Kraken creates. I'm using app.requestStart but /socket.io/socket.io.js isn't available (with a self created express server on another port it works fine).

Thanks.

The methods are injection points for adding middleware and functionality in a given place on app startup. The docs aren't entirely clear about the fact that they are not runtime.

Hi guys,

Thanks for releasing Kraken; I watched a talk on YouTube on how PayPal's dev approach was given a 'modern' upgrade and was rather excited to hear you'd be releasing your dev stack.

Just noticed that the Requests Served example on the README is currently missing; since it's early days, no worries. Quick heads up :)

Cheers M.

I am very much a Node newbie and I am checking out how to build web apps leveraging Kraken. So far it has been a great experience. I did want to relay a bit of friction I ran into trying to configure my application on startup using the handy config infrastructure.

I added a custom kev/value to config/app.json. I was unsure of how I should retrieve the value. The documentation doesn't have an example. My first inclination was to simply try my key as a property of the config object. config.mykey

I had to dive into the tests and it seems I need to do the Backbone like thing and do a get config.get('mykey')

No big deal. It seems to me that an example in the Configuration section of the read me would be helpful to others to avoid having to dive into the code.

Thanks for the great project.

I'm trying to integrate password-local with Kraken using the example in the README. The redirect for an incorrect password works fine, but npm dies when the credentials are correct.

Error:

Wed, 27 Nov 2013 21:48:03 GMT uncaughtException passport.initialize() middleware not in use
Error: passport.initialize() middleware not in use
    at IncomingMessage.req.login.req.logIn (/home/nmalcolm/libertas/node_modules/passport/lib/passport/http/request.js:30:30)
    at Context.delegate.success (/home/nmalcolm/libertas/node_modules/passport/lib/passport/middleware/authenticate.js:194:13)
    at Context.actions.success (/home/nmalcolm/libertas/node_modules/passport/lib/passport/context/http/actions.js:21:25)
    at verified (/home/nmalcolm/libertas/node_modules/passport-local/lib/passport-local/strategy.js:83:10)
    at /home/nmalcolm/libertas/controllers/index.js:86:16
    at findByUsername (/home/nmalcolm/libertas/controllers/index.js:45:14)
    at /home/nmalcolm/libertas/controllers/index.js:82:7
    at process._tickCallback (node.js:415:13)
npm ERR! weird error 1
npm ERR! not ok code 0

As you can see below I have used requestBeforeRoute but it's still failing. Is there something I'm missing, or is the feature just a bit janky?

controllers/index.js:

'use strict';

var passport = require('passport')
  , LocalStrategy = require('passport-local').Strategy;

module.exports = function (server) {

    server.requestBeforeRoute = function (app) {
        // Register passport-js middleware
        app.use(passport.initialize());
        app.use(passport.session());
    };

    server.get('/', function (req, res) {
        var model = { name: global.application_title, token: res.locals._csrf };
        res.render('index', model);
    });

    server.post('/',
      passport.authenticate('local', { failureRedirect: '/bad.txt' }),
      function(req, res) {
        res.redirect('/good.txt');
    });

};

var users = [
    { id: 1, username: 'bob', password: 'secret', email: '[email protected]' }
  , { id: 2, username: 'joe', password: 'birthday', email: '[email protected]' }
];

function findById(id, fn) {
  var idx = id - 1;
  if (users[idx]) {
    fn(null, users[idx]);
  } else {
    fn(new Error('User ' + id + ' does not exist'));
  }
}

function findByUsername(username, fn) {
  for (var i = 0, len = users.length; i < len; i++) {
    var user = users[i];
    if (user.username === username) {
      return fn(null, user);
    }
  }
  return fn(null, null);
}


// Passport session setup.
// To support persistent login sessions, Passport needs to be able to
// serialize users into and deserialize users out of the session. Typically,
// this will be as simple as storing the user ID when serializing, and finding
// the user by ID when deserializing.
passport.serializeUser(function(user, done) {
  done(null, user.id);
});

passport.deserializeUser(function(id, done) {
  findById(id, function (err, user) {
    done(err, user);
  });
});


// Use the LocalStrategy within Passport.
// Strategies in passport require a `verify` function, which accept
// credentials (in this case, a username and password), and invoke a callback
// with a user object. In the real world, this would query a database;
// however, in this example we are using a baked-in set of users.
passport.use(new LocalStrategy(
  function(username, password, done) {
    // asynchronous verification, for effect...
    process.nextTick(function () {

      // Find the user by username. If there is no user with the given
      // username, or the password is not correct, set the user to `false` to
      // indicate failure and set a flash message. Otherwise, return the
      // authenticated `user`.
      findByUsername(username, function(err, user) {
        if (err) { return done(err); }
        if (!user) { return done(null, false, { message: 'Unknown user ' + username }); }
        if (user.password != password) { return done(null, false, { message: 'Invalid password' }); }
        return done(null, user);
      })
    });
  }
));

Creative Commons recently released a new version of their licenses. Details here: http://creativecommons.org/version4

They're recommending anyone using the 3.0 licenses to upgrade.

We should probably have our legal types review the differences in the legal language of course, but I'm betting it'll probably be a sound move to upgrade.

Works locally, but when deployed to heroku I'm getting this error:

$ node index.js
[TypeError: Arguments to path.join must be strings]

Installing generator-kraken and running yo for a fresh install from the heroku console works though.. I'm not sure what exactly generator-kraken does, and if it installs any other deps...

I read getting start to start my first kraken-js project.

when i run the project it throws :

my env:

node v0.10.22
win 7 x64

500 Error: Failed to lookup view "index"

    at Function.app.render (E:\ProjectNode\hi\node_modules\express\lib\application.js:493:17)
    at Function.clobbered [as render] (E:\ProjectNode\hi\node_modules\makara\lib\view\js.js:49:20)
    at ServerResponse.res.render (E:\ProjectNode\hi\node_modules\express\lib\response.js:801:7)
    at ServerResponse.app.response.render (E:\ProjectNode\hi\node_modules\kraken-js\lib\patch\stream.js:71:32)
    at E:\ProjectNode\hi\controllers\index.js:9:13
    at callbacks (E:\ProjectNode\hi\node_modules\express\lib\router\index.js:164:37)
    at param (E:\ProjectNode\hi\node_modules\express\lib\router\index.js:138:11)
    at pass (E:\ProjectNode\hi\node_modules\express\lib\router\index.js:145:5)
    at Router._dispatch (E:\ProjectNode\hi\node_modules\express\lib\router\index.js:173:5)
    at Object.router (E:\ProjectNode\hi\node_modules\express\lib\router\index.js:33:10)

I've been trying to create controllers with .coffee extensions (and converted the ./index.js file to index.coffee - and updated package.json to reflect that). However, the .coffee controllers seem to be ignored. Is there an easy way to utilize coffeescript in kraken without having to compile all controllers, etc. into js?

Suppose I want to put some custom configurations in app.json or middleware.json.
Currently I can use nconf to get them like this:

var nconf = require('nconf');
var sessionSettings = nconf.get('middleware:session');

But is there a better way to do this?

I followed the steps mentioned in the ReadMe file and Krakenjs.com to setup and run the HelloWorld app.

But, for some reason, when I try npm start, I am getting the following error:

LM-SJC-00712384:SampleNodeApp schandrashekar$ npm start

[email protected] start /Users/schandrashekar/Documents/Workspace_nodeapp/SampleNodeApp
node index.js

[TypeError: Cannot read property 'prototype' of undefined]

I havent changed anything within the project. Just followed the instructions mentioned.

This gap in the kraken design has given me heartburn since day 1, and I'm sure it's one of the reasons people look to hapi.js as opposed to express/connect.

Without this feature we will continue to get PRs adding if statements around each registered middleware.

Some folks have already solved this (e.g. c9 + architect) but I'm thinking we can do something slightly lighter weight than wrapping all middleware in yet another API.

Since connect multipart is going away, we need to define a strategy for moving forward, whether it's adding multipart support to kraken or pushing it on to the app owner to handle.

connect.multipart() will be removed in connect 3.0
visit https://github.com/senchalabs/connect/wiki/Connect-3.0 for alternatives
connect.limit() will be removed in connect 3.0

Kraken adds a express.logger listener, even though it can be configured by adding a "logger" section to middleware.json, that conflicts with app.json "logger".

Need a way to turn off Kraken logging to express.logger, or resolve the conflict somehow.

I generated a basic Kraken.js template on Windows by using yo kraken, said yes to RequireJS and filled the other details out. When I attempt to run the project though, I run into this:

D:\localdocs\versioned-projects\web\kraken-test>npm start

> [email protected] start D:\localdocs\versioned-projects\web\kraken-test
> node index.js

Multipart body parsing will be disabled by default in future versions. To enable
, use `middleware:multipart` configuration.
connect.multipart() will be removed in connect 3.0
visit https://github.com/senchalabs/connect/wiki/Connect-3.0 for alternatives
connect.limit() will be removed in connect 3.0
{ [Error: listen EACCES] code: 'EACCES', errno: 'EACCES', syscall: 'listen' }

Is this something that can be 'fixed', or would it require changing dependencies etc.?

http://krakenjs.com/?utm_source=nodeweekly&utm_medium=email#Quick
written: sudo npm install -g generator-kraken
expected: sudo npm install -g yo generator-kraken

e.g. a SECURITY.md file.

Filing as a reminder.

The grunt build task is failing on my Windows 7 machine. After creating a project with the yo kraken command, if I immediately run grunt build, I get this output:

Running "jshint:files" (jshint) task
>> 2 files lint free.

Running "less:compile" (less) task
File .build/css/app.css created.

Running "requirejs:compile" (requirejs) task

Tracing dependencies for: app
Uglifying file: c:/Users/cpryce/projects/ktest2/.build/js/app.js
Uglifying file: c:/Users/cpryce/projects/ktest2/.build/js/config.js

app.js
----------------
config.js
app.js


Running "clean:tmp" (clean) task

Running "clean:build" (clean) task

Running "makara:files" (makara) task
Warning: Invalid regular expression: /([\]?)$/: Unterminated character class Use --force to continue.

Aborted due to warnings.

This is possibly an error with the dustjs-i18n.js task in makara. It would seem this line would make an invalid RexExp if the path separator is ''

var regexp = new RegExp('([' + path.sep + ']?)$');

When creating the dest filename, ensure only the file extension is being replaced.

Use a regular expression here to ensure the ext is at the end of the path.

Again I am new to Node and Express so I am not idiomatic in my approach. I am getting a lovely error with no stack or line number where it occurred. Googling around it seems I need to setup the express error Handler to spit out details.

app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));

I could not figure out how to edit middleware.json to accomplish this.

I tried:

    "middleware": {
    //...
        "errorHandler": {
            "dumpExceptions": true,
            "showStack": true
        }
    }

I was able to get things going by adding the app.use statement to my app.configure callback but my guess is there is a much better way.

Thanks for releasing Kraken, I'm looking forward to checking it out after seeing some of your presos on it.

I've created a new project per https://github.com/paypal/kraken-js (yo kraken) but when I run "npm start" I get

% npm start
> [email protected] start /home/ctoomey/devct/nodejs/krakenDemo
> node index.js
[TypeError: Cannot read property 'prototype' of undefined]

Having only played a little bit with node and express, I'm not sure what's missing from the skeletal project that I would need to add to get node started up successfully and serving a simple 'hello world' page when hitting localhost:8000/.

Can you tell me, and consider adding that info to the above page for other newbies like me?

thx,
Chris

P.S. The email address listed, [email protected], is bouncing:

Delivery to the following recipient failed permanently:

 [email protected]

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain paypal.com by lore.ebay.com. [216.113.175.103].

The error that the other server returned was:
550 #5.1.0 Address rejected.

The app that gets generated by 'yo kraken' uses require.js. However in master.dust the script line:

expects it to be in that directory.

The yo kraken script needs to add require.js to that directory.

@johnnyaboh A paragraph about testing best practices. I'd like to know which libraries are you using to test your kraken apps

#61 needs to be mentioned in the documentation

This is probably borderline question and feature request.

How will KrakenJS handle the situation where the application logic is CPU intensive? Where requests keep getting accepted, the event loop grows, and eventually the process runs out of memory.

Is there any plan to add something like toobusy module to identify this situation so Kraken would no longer accept more requests when the process is already 'busy'.

Or would this be considered an OPS problem that shouldn't be handled by Kraken?
Edit: or is it the responsibility of the application to move the CPU-intensive task to a separate process outside of Kraken?

eg: App lives in ~/dev/myApp/index.js

If I invoke the app from a different directory it fails:

eg:

~dev $ node myApp/index.js

Solution (PR to be submitted later)
This line

this._config = config.create(this._resolve('.'));
could be changed to
this._config = config.create(this._resolve(path.dirname(process.argv[1])));

To reflect the true root of the app, as opposed to the current working directory.

The email address listed, [email protected], is bouncing:

Would be helpful to have the name of the file path that wasn't able to be parsed. 👊 Rec'd this message:

[Error: Error parsing your JSON configuration file.]

💩

To make the code more JavaScript and Windows friendly. This should apply across the suite.

#21 added kraken:state to the app to check for when it's in a disconnecting mode. We should add additional values listening, disconnected, and starting.

Having trouble wrapping my head around how should I configure kraken-js app to use mongoosejs or something similar. Can I configure using config files, or do I do it the old way.
The suite is quite nice, I really like the app security module really nice work guys. Also it seems quite hard to find kraken-js related info as there is another project named kraken. Also what about IRC channel?

I'm trying to use kraken to build an API server and as such I don't require any templating engine but I can't configure the need for one away.

I've tried:

"view engines": null

and

"view engines": {}

Both fail. I'd be willing to make a PR for this. Any thoughts on how it should be implemented?

I have been hacking on a project using kraken and I have run into issues with the templates/css & bower components installed in the public directory.

I can get either to work but not both..

If i configure the middleware.json as follows:

    "static": {
      "srcRoot": "path:./public",
      "rootPath": "path:./.build"
    }

All the templates and css work but i get 404s for anything in public/components as it is trying to load it from ./build/components. Is this intentional?

If i configure middleware.json as follows:

    "static": {
      "srcRoot": "path:./public",
      "rootPath": "path:./public"
    }

Then templates work but css, specifically the files compiled by less don't load as it is looking for them in public/css. All of the stuff in ./public/components does work though.

Any ideas how to get both these working at the same time?

Should we consider updating the generator to use dusts-linkedin 2.2.2 (2.2.3 is not yet out on npm).

I was reading through the change log and one new feature in particular seems useful: Support for dynamic partial names:

Instead of :
{> "path/to/partial"}

Use:
{> "{pathToPartial}" }

It could be tangentially useful for Poornima's task.

The only place where there might be an issue is in one of adaro's test fixtures, where we have what seems like a compiled template, that uses something that is now deprecated. (getPath, in /test/fixtures/templates/index.js).
Tests run green with the newer version.

(They also have some new, nicer debuging features)

I was excited to see that paypal made a framework. Will it offer a quick and easy way to set up charging?

We are getting tons of these messages from Kraken to our console, interfering with our test outputs, making it hard to spot and debug test failures.

127.0.0.1 - - [Wed, 11 Dec 2013 19:11:41 GMT] "POST /test HTTP/1.1" 200 16944 "-" "CERN-LineMode/2.15 libwww/2.17b3"
127.0.0.1 - - [Wed, 11 Dec 2013 19:11:41 GMT] "POST /test HTTP/1.1" 200 14211 "-" "CERN-LineMode/2.15 libwww/2.17b3"
127.0.0.1 - - [Wed, 11 Dec 2013 19:11:41 GMT] "POST /test HTTP/1.1" 200 17362 "-" "CERN-LineMode/2.15 libwww/2.17b3"
127.0.0.1 - - [Wed, 11 Dec 2013 19:11:41 GMT] "POST /test HTTP/1.1" 200 14613 "-" "CERN-LineMode/2.15 libwww/2.17b3"

Part of my app is an API. How do I disable CSRF for this and only this action?

My app works great in dev mode, but when i try to execute in production i have the following error:

    Tue, 17 Dec 2013 00:01:42 GMT uncaughtException Object [object Object] has no method '_get'
TypeError: Object [object Object] has no method '_get'
    at body_0 (cache.vm:1:563)
    at /var/www/pruebakraken/node_modules/adaro/lib/patch/index.js:85:33
    at /var/www/pruebakraken/node_modules/adaro/lib/reader/js.js:47:13
    at /var/www/pruebakraken/node_modules/makara/lib/cache.js:68:13
    at fs.js:266:14
    at /var/www/pruebakraken/node_modules/makara/node_modules/graceful-fs/graceful-fs.js:103:5
    at Object.oncomplete (fs.js:107:15)

any idea?

PS: Sorry for my bad english