Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:01
Welcome to syntax on this Monday. Hasty treat.
0:03
We're going to be stepping into your context
0:05
here. We're going to be adding some information
0:07
and we're going to be downloading directly into
0:09
your brain. That's right. We're talking about middleware.
0:11
My name is Scott. It's a gamma developer
0:13
from Denver. And with me as
0:15
always is west boss back from
0:18
vacation. West. Yeah. Going. Yeah.
0:20
Good. I, uh, little scatter brain
0:22
right now. Cause you got to, you know,
0:24
when you get back from vacation, there's a million little things
0:27
that you gotta gotta get to, but pretty,
0:30
pretty stoked and, uh, and
0:32
well rested. So ready to talk about
0:34
middleware. Yeah. It's always good
0:36
to come back from a vacation and
0:39
talk about middleware. Uh, we talk
0:41
about a lot of things on this podcast. And if
0:43
you want to hear CJ West
0:45
and I talk about even more
0:47
head on over to our YouTube,
0:49
which is, uh, youtube.com/at
0:52
syntax FM on YouTube. We're
0:54
posting a ton of stuff.
0:56
In fact, just the
0:58
day we're recording this today, which will
1:01
slightly date this, uh, CJ released a
1:03
video showing practical examples of has the,
1:05
actually the things that we talked about
1:07
on this very show. And people said,
1:09
we want to see code. Well,
1:11
CJ has given you code and
1:13
he built a little mini site where you can even play
1:15
with these things. It's pretty sweet. It's really,
1:17
really pretty sweet. So check it out. Uh,
1:20
syntax FM on YouTube. If you have not
1:22
subscribed, go over there and just break your
1:24
track pad. Just press that subscribe button so
1:27
hard. So, uh, let's get into it.
1:29
Middleware. What is it? Why is it handy? Why do
1:31
people care about it? Why do you use it? Yeah.
1:33
I thought we'd talk about middleware. I think it's
1:35
an interesting part of building
1:38
really any application. And this,
1:41
the concept of middleware applies to absolutely
1:44
everything systems design, but we're going to be
1:46
talking about it in terms of like, you're
1:48
building a backend web server and
1:51
when might you need middleware and why
1:54
is it handy? So middleware
1:56
is for is A
1:58
bunch of code. Or some code. That
2:00
would run. In. Between the
2:03
initial request and the actual
2:05
event handler that handles your.
2:08
Data. That's coming in so somebody visit. See
2:10
you around this submit a form. They.
2:12
Save something they try to access
2:15
around that is behind a log
2:17
in state. A. Lot of
2:19
times when you want to run
2:21
some sort of logic or functionality.
2:24
Before. The user hits that
2:26
route handler om you inject what's
2:28
called middleware which is a function
2:30
that will run in. It could
2:32
be multiple functions as well and
2:34
it's used to. Check
2:37
if somebody has access to a specific route
2:39
its use to. Will
2:41
do a whole bunch of examples
2:43
but generate some data from a
2:45
another system and bring it into
2:47
that specific request. Ability to skip
2:49
expense of operations: Take the logic
2:52
out of a you around handler
2:54
because sometimes you'll have a route
2:56
handler. That. Will do specifically
2:58
something and it doesn't make sense
3:00
to muddy the logic of that
3:03
wrote handler. Maybe I'm somebody. Saves
3:05
an item to the database, right?
3:07
They update an item, the cook
3:09
the save button. It doesn't always
3:11
make sense to put all of
3:14
the logic behind a sanitation and
3:16
I data parsing and which switch
3:18
servers are going to multi ten
3:20
Affleck is. doesn't make sense to
3:23
put all of that logic into
3:25
that specific route handler. Because
3:27
you can just assume that those things
3:29
are in place at that point and
3:31
put that other logic into a middleware.
3:33
So I've been using middleware for for
3:35
quite awhile. It's been a concept in.
3:38
Expression was was the first time that
3:40
I've ran into it specifically be assigned
3:43
called connect By. It's all of the
3:45
modern frameworks now as well have this
3:47
concept of middleware when I'm talking about
3:49
how to use it in and some
3:51
examples as well. Yeah. In
3:53
into even just give a
3:55
our food sandwich based analogy
3:57
here. We go ahead. If
4:00
the request is the sandwich going into
4:02
your mouth. Or the requests
4:04
respond to. You could take of the middleware caspian
4:06
like the bread right? It yeah, steps
4:08
in. Between. The meat of all the
4:11
stuff you're doing at the top, in the bottom of it,
4:13
right? you got. You. Got the
4:15
top layer. Always the matter is. The.
4:17
What maker? Ah, Is
4:20
added. My brother in law is I think
4:22
that the friends references in it either. Yeah
4:24
now on his M M. My brother laws
4:26
of Big Friends was an eye for the
4:28
record A hit Friends I think it's a
4:30
garbage Shelves are by recognize that nonsense and
4:32
he gets of each other's do things that
4:34
makes that make me laugh about friends as
4:36
to this and awesome maker and lot of
4:38
noise maker is that the idea that you
4:41
have a. A sandwich
4:43
and you need to add some in a gives
4:45
you moisture right. and I got a turkey sandwich
4:47
sauce over Thanksgiving in there there's a layer that.
4:49
You add to that to add the moisture
4:51
to at. and I've never seen that friends
4:53
episode but I I get the reference and
4:56
Cats will. Either way, it is is destined
4:58
to a request and response at the start
5:00
and end of your browser as I can
5:02
do all sorts of stuff. So let's talk
5:04
about the real world. Examples like
5:07
what what my you use middleware for I
5:09
think a big one that you know a
5:11
lot of web sites have is authentication right
5:13
arm and the way that authentication works and
5:16
middleware is that that request com Then usually
5:18
that authentication token is in a cookie or
5:20
something. right? And what you do it that
5:22
cookie is the new Go look up the
5:25
session that the users lot, Then are you
5:27
look up the user you check to make
5:29
sure that they're properly authorized or authenticated and
5:31
then you load up that user data and
5:33
yeah put in in the context in in
5:36
that. Information for the user, the rolls
5:38
or whatever is available for anything you
5:40
need to do from that point forward.
5:43
The I'm a it's often make sense
5:46
to. Like for example, in
5:48
my application I have four sys admin
5:50
and then I have. Are probably
5:52
sixteen different routes. different
5:55
routes i can be rendered as well as different
5:57
routes i can be up the data us And
6:00
I don't put the logic of are they
6:02
logged in and do they have the permissions
6:05
in every single one of those routes. You
6:07
put it in a single piece of
6:09
middleware and you say apply this middleware to
6:12
any/admin route handlers. And what that middleware would
6:14
do is that yet, like Scott says, it
6:16
looks up the current user if
6:19
and it will look up their current, if
6:22
they have access to those specific things. And if they
6:24
don't, it throws an error and it will render out
6:26
an error page so you don't have access to this
6:29
specific thing. But
6:31
if it does, it puts the
6:33
user on the request and then
6:35
any route that's after admin will
6:38
now have access to the current
6:40
user and you can generally access
6:42
it via something like request.user or
6:44
request.data. How you access those
6:47
values is different in every single application, but
6:49
generally they just stick it into the request
6:52
or make it available via
6:54
the async local storage API, which
6:56
is new in Node.js. Yeah,
6:59
and generally, when we're talking about this
7:02
stuff, we're gonna be referring to that
7:04
as context because that makes
7:06
sense. Wes just flashing
7:09
his syntax sticker there on video. Yeah,
7:13
Wes put a syntax sticker on the bottom of
7:15
the mug so anytime he takes a drink, it's
7:17
great. But
7:21
so that when we refer to context
7:23
in this episode, what we're talking about
7:25
is less of the technical bones of
7:29
something. Implementation, yeah. Implementation, right? But we're more
7:31
or less talking about the concept of
7:34
putting something into context, and
7:38
I did a little quote there, that is
7:40
available throughout the rest of your request
7:43
cycle. Some
7:45
other ideas for middleware that are commonly
7:47
used is redirecting users to a specific
7:49
instance. So if somebody is coming into
7:52
a URL that has been shared via
7:54
American, this happens all the time in
7:56
Canada, Sometimes you'll want
7:58
to redirect that user. You the
8:00
Canadian version of that website or
8:02
if you have data privacy laws
8:05
and you somebody is signing up
8:07
for a specific use case you
8:09
could sec what their Ip addresses
8:11
are or where their request is
8:13
originating from and then you may
8:15
want to say that users' data
8:17
any specific database that lives maybe
8:20
in Europe or in a different
8:22
region that you he must keep
8:24
their data inside of that specific
8:26
instance. Bird. Or
8:28
you could also use it for logging
8:30
in stats, you know, sometimes especially larger
8:33
applications they dump all of their logs
8:35
into. or maybe even a third party
8:37
logging provider. Maybe they're writing at the
8:39
files, but what you can do by
8:42
logging and middleware is that request comes
8:44
and you have access to all of
8:46
the information in the request. Log.
8:48
It you can even lod how long
8:50
a route took to resolve her how
8:53
long the process in between the start
8:55
and end of this process is because
8:57
again you have access typically in middleware
8:59
to be the ended in the certain
9:01
the end of the process. Maybe
9:04
I should explain one more thing about
9:06
middleware. The idea with middleware is that
9:08
you get the request the and right
9:10
you can add stuff to the the
9:12
context of you want are you can
9:14
log stuff but the idea is that
9:16
you you call like next or you
9:18
return I knew response from the middle
9:21
where and then it will continue on
9:23
down your specific route. So what you
9:25
could do in development mode is that
9:27
if you only want to have logging
9:29
turned on and development because he wanted
9:31
you want to have a nice verbose
9:33
mode. you. Could just say if process.you
9:35
envy equals development then log that value
9:37
out otherwise don't specifically do that. I
9:40
can also be really handy for trying
9:42
to to temporarily turn on some debugging
9:44
few simply haven't gone wrong and production.
9:46
You can flip on some logging and
9:49
middle you're not actually changing the code
9:51
that is running and that's that's such
9:53
a nice thing to just leave that
9:55
as is not have to modify it
9:58
in said was just jump in. Middle
10:00
there, He. Are in totally to.
10:02
You can even like start a timer to
10:04
so that request comes in. You started timer,
10:06
you do all your stuff in the middle
10:08
and then you log the end result of
10:11
that timer. I was doing at that in
10:13
just our putting in in three different images
10:15
based on how long that process took in
10:17
milliseconds. If it was I forget the actual
10:19
numbers but if it was slow I just
10:21
had a turtle output to my logs. If
10:24
it was fast I had a bunny and
10:26
it goes very fast. I had a rocket
10:28
ship and that is in development. It
10:30
was easy to see like oh, if I'm
10:32
working kind of casually of this thing I'd
10:35
hear can always taken a really long time.
10:37
Ah, Just. Just as a
10:39
little canary in the coal mines. Not
10:41
necessarily any deep sort of the understanding
10:44
of the performance, but little canary. I.
10:47
Ab testing really handy as well
10:49
if you are building a landing
10:51
page and you want to are
10:53
right for ten percent of the
10:55
users or users who have this
10:57
specific flag on or users that
10:59
has a access is one thing
11:01
ideas his country codes as well.
11:03
I provide discounts for different countries
11:05
based on where users coming and
11:08
what I do is I have
11:10
a set middleware in there that
11:12
when the request comes in I
11:14
check via a header at says
11:16
what country. Are they from and if
11:18
they are from a specific country, all
11:20
populate. The. Sole name of
11:22
the country because like I'll just get
11:25
like Cia and I wanted to populate
11:27
that to Canada. and then I'll also
11:29
populate some information about coupon code, set
11:31
the gets, and then when it comes
11:33
time to actually rendering the application, you
11:35
can simply just check if that value
11:37
is there's a if there is a
11:40
coupon code then run around the coupon
11:42
code banner. Of course you can. You.
11:44
Could chains see what's heading specifically works
11:46
better and even get really? It's really
11:49
really complicated with the different ab testing
11:51
values. One last one. while I guess
11:53
we you know even a few more.
11:56
Otherwise, You're just can be spending the whole
11:58
time here And examples but yeah, You
12:00
can also have your error handling and
12:02
logging. In fact, our century set up.
12:05
For making sure that our ears are
12:07
captured and sense to century so that
12:09
way we can solve them in a
12:11
very timely manner. with centuries amazing tools
12:13
and features. But
12:16
look as a out this ah yes, where
12:18
the that's all been done in middleware as
12:20
well. just sort of steps. In their. Other
12:23
things: caching expenses renders of
12:25
the we have. A
12:28
things in on servers and in
12:30
the browser and on Cdn to
12:32
to do caching but also you
12:34
could use. You can
12:36
simply just memorize a function or implement your
12:38
own cashing in a middleware. which is they
12:40
are it. Well if I've already done this
12:43
query, I've got the data here in in
12:45
a key value store. I can just return
12:47
the data directly and then it's not, never
12:49
even need to hit that value Says another
12:52
thing that can happen from middle as you
12:54
don't have to continue on in the middle
12:56
where you can simply just return early and
12:58
then the their class will never actually hit
13:01
that later middleware am in. The last one
13:03
I have here is a multi tenant applications
13:05
so. I run and are
13:07
probably eleven different domain names on
13:10
a single Know Js application for
13:12
all my courses am in the
13:14
way that I determine which. Domain
13:17
name in which course somebody is
13:20
actually. Viewing. Is.
13:22
I run a set of middleware so one
13:24
of the very first metal as it's at.
13:27
The. Request goes through is it
13:29
says if the domain name
13:31
has. A beginner javascript.com
13:34
in it then set the course
13:36
code to be j S and
13:38
then later on in the rendering
13:41
to put it would choose. Which
13:44
files tax or rent or based
13:46
on that data that had been
13:48
set earlier. So if you that's
13:50
that's an example of a multi
13:53
tenant application is just me on
13:55
the only tenants but if you
13:57
were to have multiple customers being.
14:00
running on the same code base,
14:02
you can use a middleware to
14:04
determine which customer is this when
14:07
you go through the whole process. And you can
14:09
even do that with databases. If you have multiple
14:12
databases running for each of
14:15
your customers, you might
14:17
need to set the database connection string
14:19
in a middleware before you hit any
14:21
of those database calls. Yeah
14:24
and even another one that a lot
14:26
of people have used before whether they
14:28
know it or not is that by
14:30
default when you have like form data
14:32
submitted to your application or you're sending
14:34
data to your server, that data isn't
14:37
typically parsed and Express did this with
14:39
was it what is the
14:41
Express implementation of this call? The
14:43
body parser? Body parser, yes. Where
14:46
that is essentially parsing data. In fact I
14:48
wrote one of these for SvelteKit to do
14:50
that for me so that anytime I submit
14:52
a form it's always available at local.form data.
14:55
So just being able to parse your data
14:57
at any point in their request so that
15:00
it actually comes in as a JavaScript object
15:02
instead of inside of
15:04
the headers or anything like that is a
15:06
it's a nice little thing. Where
15:12
does it run? I think we covered that. I
15:16
think it
15:18
runs on the edges. That's the way
15:20
I think about it. Okay well let's keep this
15:22
in. Where does middleware run? Does it run in
15:25
the middle? Does it run on the edges? That's
15:27
a good question. So traditionally there
15:29
with Express it simply runs in
15:31
the same application and it just
15:34
is a function that runs before
15:36
the rest of your your other
15:38
functions right. However it's becoming more
15:40
and more popular to run
15:42
your middleware in a totally separate environment
15:44
that's called an edge function. It runs
15:47
at the edge because if you're gonna
15:49
stick a whole bunch of logic before
15:51
your actual application runs it better be
15:54
fast as hell otherwise you're gonna really
15:56
extend the load
15:58
times of those specific
16:00
handlers. So where
16:02
a lot of these things now run is
16:04
they run on the edge and
16:06
they run in environments that are
16:08
not typically full node JS. So
16:11
probably the most common one is
16:13
running in a CloudFlare worker and
16:16
the CloudFlare worker will try to run it
16:18
as close to the user as possible. So
16:20
you get the best response times and
16:23
it will run it in a
16:25
pared down environment that doesn't necessarily
16:27
have the whole node JS setup.
16:29
Although CloudFlare is pretty close to
16:32
being node JS compatible as well
16:34
right now and that's how Vercel
16:36
middleware and Next.js middleware also runs
16:38
in CloudFlare workers. So you have
16:41
the same idea there. Yeah.
16:43
And even when I think about the edge, I don't
16:45
even necessarily think about the technical edge, but I think
16:47
about like it runs at
16:50
the edges of your application, right before
16:52
all the juicy stuff in the middle
16:54
happens. Yes, you got yeah, you
16:56
step in there and you say hey, I'm doing
16:58
some stuff. I'm working here and then you go
17:00
into your actual stuff and then you know,
17:02
you come back and finish off your middleware. So
17:05
to me like I like to think about it
17:07
like I mentioned before is like the bread of
17:09
the sandwich. It's starting stop
17:11
at the sandwich and then all the the
17:14
the moist maker. I don't even know what you're
17:16
talking about. The moist maker as your regular route
17:18
handler. All you got is your stuff in the
17:20
middle is all your your actual
17:23
work, right? You
17:25
also hit timeout limitations as well in a
17:27
lot of these edge areas.
17:31
So it might not make sense
17:33
to wait connect
17:35
to a database. You might not be able to
17:37
do a whole database connection setup. We
17:39
talked about that if you go back
17:42
to the episode we did
17:44
on serverless databases, we
17:46
talked about sort of limitations around all of
17:48
that, but often people
17:51
will forgo the whole database connection
17:53
string or they'll use a
17:55
database where you can use it in a
17:58
middleware and they'll just stick stuff in. like
18:00
a key value store or something that's really, really
18:02
fast to connect to and
18:04
access. Yeah. So
18:06
yeah, we're talking a little bit about limitations
18:08
here, but you know, I do, you know,
18:11
we briefly mentioned this. If you're doing too
18:13
much work in your middleware, remember
18:16
that's work that happens
18:18
on every request, right? If
18:20
every single time you're heading to your
18:22
database to load up the user to
18:25
do that's a database call on every
18:27
single request. So just be cognizant of
18:29
what you're doing in this middleware. And
18:32
if you need to do some things that are heavier,
18:35
we've mentioned caching, find a way to catch them
18:37
or find a way to reduce that sort of
18:40
that load time. I, you know, that's a common thing
18:42
is where people will put like a, um,
18:45
some sort of like heavier data initialization or
18:47
something into their middleware without even thinking about
18:49
it. And then sure enough, every single request
18:51
comes in, you're having to do some process
18:53
that you might not have to do on
18:56
every request. Yeah. For,
18:58
for the user one, I'm curious if you think
19:00
that this, I, many, many years
19:02
ago, I was like, is it okay to
19:05
look up the user on every single request? And
19:08
I came to the conclusion those, yeah, you
19:11
could cache that for a little while
19:13
if you really wanted to, but, uh,
19:15
it's totally fine. And it's very fast
19:17
to do a quick database lookup of
19:20
the currently logged in user based on their
19:22
session, um, especially when you're need
19:24
to update the user and maybe permissions, things
19:27
like that. It's will be a
19:29
pain in the butt if you have to cache data,
19:31
uh, and have to revalidate that
19:34
in every application I've ever done, I've
19:36
just, just query the current user
19:38
on every single request. And it's never been
19:40
issue for me. Have you done caching of
19:42
that? Yeah, I've done caching of it,
19:44
but with Redis. So, um, in, in
19:47
the way that we're doing that on
19:49
level up specifically is Obviously
19:51
anytime the user's updated that that cache is
19:53
updated, but the cache is like per session.
19:55
So When that auth token comes in, the
19:57
first thing we do is check the. To
20:00
see if that session is is in
20:02
there and they log out or that
20:05
session has expired or whatever. We have
20:07
all the information anyway so we can
20:09
dumper are you know hit the database
20:11
but like typically you're checking base user
20:14
stuff, you're checking emails and. Roles.
20:16
And things like that. I I definitely had that
20:18
coming in from a quick read as check and
20:21
that's it. Which is
20:23
you know it can be very fast to
20:25
do that wait caching and I did find.
20:28
Not like a crazy amount of savings,
20:30
but it's still savings nonetheless. You know
20:32
you have deficit you databases living off
20:34
site. Go another place. Come back with
20:36
that data. Media user data has a
20:38
ton of stuff on it on. So.
20:40
You never know. Yeah a the other something
20:42
that I've done successfully here. Is
20:45
that that's a good point is like
20:47
what's in that query could significantly like
20:49
if you're clearing the current user and
20:51
all their courses and all their progress
20:53
of every video and every transaction they
20:56
have and you're sticking all of that
20:58
if. If that's like. Around
21:00
like a. Three. Hundred k
21:02
of data that has to go over
21:05
the way or somewhere and then be
21:07
stored in memory and that the certainly
21:09
could couldn't slow you now have also
21:11
acts as a youth should probably throw
21:13
some timers in there. Are you something
21:16
to figure out? Where is that? The
21:18
time of this request being spent? You
21:20
know you could misallocate said five hundred
21:22
milliseconds. That's kind of slow but of
21:24
where is that Five hundred milliseconds being
21:27
spent and if that is in your
21:29
user look up then it's probably worth
21:31
throwing it. Into reticence it is when as
21:33
I would work is you would you to keep
21:35
your middleware for the user but the early on
21:37
in that user look up middleware use you check
21:40
if it's in the cash and and the red
21:42
us guessing that as fast as hell to be
21:44
able to just quickly returned the taskers rather than
21:46
do a whole hour round trip to the database
21:48
get fast as hell for. Ah,
21:52
Right arm oh. Last. Thing we
21:54
have here next. Yes, middleware is
21:56
one file only so I love
21:58
the Express and. Hello Jazz does
22:01
this as well where you you set up
22:03
your your route you say or it admin
22:05
for it's last. Anything and then
22:08
you can have year. Pop.
22:10
Populate user or check for authors
22:12
do they have access to the
22:14
specific things. And. Then. That
22:17
will then move onto the next where
22:20
I love doing that at a route
22:22
level and the next. Yes middleware is
22:24
of one single file that will run
22:27
on every single request and you have
22:29
to add the logic in yourself. There
22:31
also is there's a matters are you
22:34
can say are a only route run
22:36
this on the specific thing but you're
22:38
essentially reemploy mentoring. The. Entire read
22:40
or yourself and I was like wiser, not
22:42
like a middleware file that used to sit
22:44
in the app router like I'm one and
22:46
I want to go to the admin folder
22:49
and put a middleware oh yeah, file in
22:51
there and then have that run only on
22:53
and apparently they had tried that and it
22:55
was very confusing and I can see how
22:57
could get kind of mighty as like a
22:59
very simple example us talking about it may
23:01
be sounds like a good idea but also
23:03
they had try this so that was kind
23:05
of a bit of a bummer to me
23:07
because I said oh. You
23:09
you. Have this app router might like. I don't
23:12
have to write a writer assists folders but but
23:14
then if you want middle where are you do
23:16
have to write. Your. Own router and
23:18
you have to match the the your rolls and you
23:20
say if it starts with this and you gotta make
23:22
sure that that's not. My. Com
23:24
Injectable. You know that yet to make
23:26
sure that the user can accidentally come
23:28
up with the Euro that matches your
23:30
registers so I thought that was a
23:32
bit of a pain in the butter
23:34
task do that. But either either I
23:36
got my data for that. an insult
23:39
Kit World layouts in in Skokie of
23:41
the concept of having like a server
23:43
side lay out in so let's say
23:45
you're in the admin section. You could
23:47
toss essentially what you would toss their
23:49
into the that like was a we
23:51
have board says Adnan we put the
23:53
eye out. that server and/admin you do
23:55
your checks you do you're riding their
23:58
that's going to run before dead literally
24:00
anything else in that that route section. So technically
24:02
if you have like a server-side layout type of
24:05
deal like that you could you could throw it
24:07
in there and it would be the same. That's
24:10
at least how I accomplished that type of thing. Yeah
24:12
that's what I wanted to do. I was like I
24:14
want this to work like the syntax website. Yeah
24:17
right. As far as I could tell it it
24:19
doesn't doesn't work like that especially if you want
24:21
it to run at the
24:23
edge in in the middle rather than be part
24:26
of the the actual generation.
24:29
Yeah word. And
24:31
then also connect style. We've
24:34
talked about Express, Fastify, pretty much
24:36
any Hano.js, any framework you pick
24:38
up will have this concept of
24:40
middleware or hopefully we'll have this
24:42
concept of middleware and you
24:44
just gotta take a look at it. What does
24:46
it look like in your specific application? That's it.
24:50
Anything else to add there? I
24:53
don't. Yeah middleware you can sometimes
24:55
find them on NPM sometimes you just
24:57
write them yourself and
25:00
you know these types of things I think
25:02
you get more comfortable with it and eventually
25:04
just become something you do on every project
25:06
but just about every single application I write
25:08
has middleware in it. Yeah. And it does
25:11
all kinds of stuff for me. So yeah
25:14
if you're not using middleware it's probably a
25:16
good idea to look into
25:19
it and only that I think
25:21
it will clean up some of the stuff that
25:23
you're doing in individual routes so that you don't
25:25
have to do it in the individual route itself.
25:28
I just remembered one more
25:30
thing I forgot to say is that like
25:32
often these middleware you just said you can
25:34
NPM install them the reason you can often
25:36
NPM install them is because they are standard
25:38
space. So they are either connect
25:41
style meaning that
25:43
they have a request a
25:45
response and the next function and
25:48
connect style will work with pacify
25:50
express the all kinds of different
25:52
frameworks or there'll be the
25:54
new modern version which is the fetch
25:57
or web request web response where you're
25:59
simply just returning returning a fetch request
26:01
or returning a response object and
26:04
those will work or there'll be something
26:07
that is somewhat a variant on that
26:10
and that's why you can just usually NPM install
26:12
them all and like you could go and NPM
26:14
install like a rate limit that's
26:16
another really good use case as well as you
26:19
you want to stop somebody from hitting your sign
26:21
up endpoint a million bazillion times you could
26:23
write a middleware I have this in my own application
26:26
where it stops people from hitting
26:29
it too many times it's a rate limit
26:31
middleware and you simply need to NPM install
26:33
it and they work with more than just
26:36
one specific framework yeah we had
26:38
something called the ban hammer on level
26:40
where if people tried
26:42
like I think it was oh man
26:44
there were some there if they if they
26:46
had had a failed credit card attempt for
26:48
like three times or something in
26:51
a row I don't know there
26:53
were some number we had attached yeah into the user
26:55
object and it we would permanently
26:57
ban them and the way that the banning
26:59
worked is it applied a class that made
27:01
it look like the user was logged out
27:03
but it wouldn't let them log in because
27:05
they were already logged in it was like
27:07
a nice clever like they can't
27:09
they'll just be like what am I I can't log
27:11
in anymore oh man or every day refresh
27:14
make the opacity one
27:17
percent yeah that's good or every one in
27:19
every ten
27:24
requests show them but then not
27:27
I don't know there's a lot of fun stuff you could
27:29
do there but that is middleware hopefully you enjoyed that we'll
27:31
catch you later peace peace
27:44
you
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More