How to build a CLI with Node.js
Command-line interfaces (CLIs) built in Node.js allow you to automate repetitive tasks while leveraging the vast Node.js ecosystem. And thanks to package managers like
yarn, these can be easily distributed and consumed across multiple platforms. In this post we'll look at why you might want to write a CLI, how to use Node.js for it, some useful packages and how you can distribute your new CLI.
Why create CLIs with Node.js
One of the reasons why Node.js got so popular is the rich package ecosystem with over 900,000 packages in the
npmregistry. By writing your CLIs in Node.js you can tap into this ecosystem including it's big amount of CLI-focused packages. Among others:
There are a variety of reasons why you sometimes don't want to give out your phone number to people but still want to receive SMS and be able to reply. Maybe you are trying to sell something on the internet, maybe you want to set up a way for people to report code of conduct violations at an event, or maybe you just don't trust the newly met person that asked for your number. In the past I showed how you can quickly set up a message forwarding with practically no coding using TwiML Bins. However, it doesn't let you respond using that number. Let's take a look at how we can change that using Twilio Functions.
Creating a Twilio Function
Before we get started, make sure you have a Twilio account. Sign up here for free: www.twilio.com/try-twilio
Once you are logged in, head to the Functions ...
Building an Intelligent Coffee Order System with Twilio Autopilot
Wouldn't it be great if you could save daily a few, maybe awkward, interactions with other humans and let bots take care of it instead? However, often these bots are not too intelligent when it comes to interacting with you. In this blog post we'll learn how we can build a smarter SMS bot in just a few minutes.
In a previous blog post we talked about how we love to serve coffee at conferences and other events "Twilio-Style" by allowing attendees to order their coffee via SMS. If you haven't read the blog post, make sure to check out Serving Coffee with Twilio Programmable SMS and React. Unfortunately we had a fairly rudimentary way of handling the orders. Until now.
Let's see how we can upgrade this existing project using Twilio Autopilot to be truly intelligent.
If you would prefer to see how this works by watching a video ...
Locally developing and debugging Twilio Functions
Twilio is all about HTTP endpoints & webhooks. From responding to incoming SMS, to controlling the flow of a voice call to blocking unwanted chat messages with an
onMessageSendwebhook, chances are that you'll end up writing an HTTP endpoint for the Twilio product you're interacting with. Twilio Functions allow you to write and host those endpoints directly in the Twilio cloud while relying on the power of Node.js.
What if you want to develop these functions with your IDE or editor of choice and run them locally? What if something goes wrong and you want to use your debugger to dive deeper into it? For this reason I built
twilio-run, a command-line tool that allows you to run your Twilio Functions in your local environment.
Let's dive into how it works, and how it can help your development flow with Twilio.
This tool is still in ...
Building an npm search bot with WhatsApp and Twilio
The npm ecosystem is vast by now with almost 750k packages published. Naturally, you’ll find yourself often trying to look up a package you don’t remember. The npm search is great for that but what if you just want to quickly look up a package on the go? Let’s build a bot that can look up the packages for us using Twilio’s API for WhatsApp integration.
Just like with Twilio Programmable SMS we’ll need a webhook that will respond to incoming HTTP requests with every message sent to our WhatsApp bot. The webhook then has to reply with TwiML to reply to these messages.
We’ll build our webhook using Twilio Functions. This allows us to write Node.js code and host it in a serverless function directly on Twilio.
To get started make sure you have:
- A Twilio account (sign up for a ...
Building a chat with Twilio, lit-html, Parcel and TypeScript
When building a web application you often reach a place where you’ll have to render a similar element multiple times and as efficiently as possible. That’s when a lot of web developers start reaching out to frameworks and libraries such as React, Vue or Angular. But what if we only want to do efficient templating and don’t want the tooling & code overhead of these libraries?
One library that aims to solve this problem is
lit-htmlby the Polymer team. It uses browser-native functionality such as
<template/>tags and tagged template literals to create efficient templating. Let’s take a look at how we can use it by building a Twilio Chat application with
Serving Coffee with Twilio Programmable SMS and React
For the last couple of years we’ve started serving coffee at various events using Twilio Barista, combining different Twilio APIs, such as Programmable SMS, Twilio Sync, and other web technologies. This way you can send an SMS to order your coffee, and get notified as soon as your coffee has been prepared by the barista.
On the birthday of the HTCPCP we figured it’s time to teach ...
Creating and Publishing Web Components with Stencil
Web Components is a technology I’ve been excited about for years. The idea is that you can create your own UI components that are supported in the browser regardless of which framework you are using (or none at all for that matter). However, there wasn’t much traction around them until recently.
The web components APIs are pretty low level by themselves but projects like Polymer are trying to improve the developer experience and recently more tools came along to help with authoring web components. One of these tools is Stencil from the Ionic team.
If you are not yet familiar with web components, I suggest you check out this short introduction on webcomponents.org to get an idea of Custom Elements and Shadow DOM. If you want to have a better idea of why web components might be of interest for you, even if you don’t author ...
Going surfing – Protect your Node.js app from Cross-Site Request Forgery
Cross Site Request Forgery aka CSRF/XSRF (read C-Surf). They are used by attackers to perform requests on behalf of users in your application without them noticing. Let’s look at how they can pull this off and how we can protect our applications from these type of threat.One classic attack when working with web applications is
Let’s talk theory
Before we can prevent CSRF attacks we need to understand how they work. Typically these attacks are executed on the functionality of web applications that use form-based submissions like
POSTrequests and cookie-based authentication.
An attacker places a hidden form into their malicious page that automatically performs a
POSTrequest to your page’s endpoint. The browser then automatically sends all the cookies stored for that page along with the request. If a user is logged into a current session, the attacker could, for example, post a message ...
Putting the helmet on – Securing your Express app
Express is a great way to build a web server using Node.js. It’s easy to get started with and allows you to configure and extend it easily thanks to its concept of middleware. While there are a variety of frameworks to create web applications in Node.js, my first choice is always Express. However, out of the box Express doesn’t adhere to all security best practices. Let’s look at how we can use modules like
helmetto improve the security of an application.
Before we get started make sure you have Node.js and npm (or yarn) installed. You can find the download and installation instructions on the Node.js website.
We’ll work on a new project but you can also apply these features to your existing project.
Start a new project in your command line by running:
mkdir secure-express-demo cd ...