The time has come to dig in to the beast. Let's start building our Node.js CMS. I have the idea, and I am ready to go except... I can't think of a good way to keep my admin section secure. In fact, how should I even set up my file structure? Well, this is what I figured out and what really worked for me.
Please understand, the methods and approaches I mention in this article COULD be completely wrong simply because I am no Node.js master. If you find something that could be optimized, please let me know. I am just trying to learn, and document the hurdles I am trying to overcome as I build this CMS I have dreamt of.
So for my framework, let me first state that I am choosing the following modules to build out my CMS / application:
- Express.js (Routing)
- MongoDB (Database)
- Mongoose (ODM or Object Data Modeling)
With that cleared up, let me share with you first what I have learned and then we will just layout how I plan on creating my CMS. To start, there are two approaches to creating and admin system...
Keeping the admin system on the same server as the application
From what I have seen, there are some pros and cons for this approach. It is an effective and most used by the larger content management systems such as WordPress, Drupal, and Joomla. Some of the benefits would be:
- Re-use more code (user models, views, etc.)
- Re-use designs (CSS, JS)
- Shorter build time
And some cons:
- When your application goes down for maintenance so does your admin section
- A little less secure (from the countless articles I have read - please understand this isn't from personal experience)
Separating the admin and the application
Yet again, there are pros and cons for this one. Here are some pros:
- Can be more secure
- Application and admin section can scale separately
- Application can be taken down for maintenance without crashing the admin section (CMS)
And here are some cons:
- Can make the actual app creation process more tedious to create two separate servers / applications that will have to share some resources.
- A lot less re-usable code
- longer build time
Now, for the purposes of my CMS, having the admin section go down for dev maintenance is actually a huge deal to me. In fact, I do want to make this CMS both user friendly and dev friendly and further more, make it easy to build upon. So can you guess? Yep... I want to take the hard approach to creating a CMS. I want to separate the application and the CMS and use a subdomain to access my admin section (for example, rather then your standard mywebsite.com/admin, we woulc go to our DNS and create a subdomain for admin.mywebsite.com and point it to our CMS application).
So no let's get to what you came here for. The actual file structure I plan on using for my CMS I am going to build. And now that you can see I am going to build my CMS with both the regular application and a separate CMS application, you can imagine it will be a tad bit more complex then normal.
root |- application |- controllers |- models |- admin-user.js |- posts.js |- views |- layouts |- config |- routes.js |- public |- css |- js |- server.js |- admin |- controllers |- models |-user.js |- views |- layouts |- config |- routes.js |- public |- css |- js |- server.js |- node-modules |- package.json
So, as you can see... that is a $%#! ton bigger than your typical application file structure. Is it necessary? No, but at the same time, I want this CMS to make it easy to add features while keeping the application and admin features completely separate.
Is this optimal? Well, I really hope so. I really want to keep my code modularized and when I dig in to the admin section, I only want to see admin files and vice versa with the application. Could this be optimized? I am sure of it and I really look forward to revisiting this in the future after I have learned so much more. But for now, this will do and this, is how I will be building out my CMS.