A secure web app template using NodeJS

Alpar Gür
8 min readMar 25, 2023

This week we have released SecureWebApp. The first open-source project that I have worked on. It’s a one small step for mankind, one giant leap for me! So what is “SecureWebApp” ?
As the name suggests it’s a secure web application. End of the story, thank you for reading (haha just kidding).

It is indeed a web application offering fundamental security features out of the box. What’s also special about it is that it has been developed in a modular fashion which lets you build an app with various modules as if they were lego blocks (more on that later).

This fall term we have teamed up at my home university to get on with this meaningful project. In the age of Internet, security is the real deal. Sometimes it might be an overwhelming process to find out proper security mechanisms for your use case and easy to get lost in the thick of it, meanwhile all you want to just put on your favorite playlist and start coding.

This is where the SecureWebApp comes into rescue. It is ultimately a template which you can use for any kind of web application and directly focus on the main usecase scenarios.

At the very beginning of the journey we have taken three key requirements along with us:

1. Modularity

A template acts as a base. It embodies the essential pieces and abstracts them to be used over and over again while preventing repetitive tasks. Furthermore, it should be easy to extend. This is the reason why we have opted for modularity.

We have implemented each functionality / usecase as a module. With this approach it is easy to plug-in or remove modules without causing any breaking changes. There are some cases where a module depends on other module(s) and in those situations all related modules should be carefully handled.

Component view of the SecureWebApp. Modules are loaded via ModuleLoader script during the application launch.

2. User friendly

We have targeted a broad group of users from beginner to expert developers as our audience and to prevent any discouragement that may arise due to a technical debt (like a pre-requisite to get familiar with a certain…

--

--