Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Fastify is a fast and low overhead web framework for Node.js. It is highly performant and provides an extensive plugin architecture, making it suitable for building a wide range of server-side applications and services.
Web Server
Fastify allows you to create a web server that can handle HTTP requests and send responses. The above code demonstrates setting up a simple server that responds with JSON when the root route is accessed.
const fastify = require('fastify')({ logger: true });
fastify.get('/', async (request, reply) => {
return { hello: 'world' };
});
fastify.listen(3000, (err, address) => {
if (err) throw err;
fastify.log.info(`server listening on ${address}`);
});
Route Shorthand Methods
Fastify provides shorthand methods for different HTTP methods like GET, POST, etc. This makes it easy to define routes for various request types.
fastify.get('/example', (request, reply) => {
reply.send({ message: 'This is a GET request' });
});
fastify.post('/example', (request, reply) => {
reply.send({ message: 'This is a POST request' });
});
Schema Validation
Fastify supports schema validation for request payloads, query strings, and parameters using JSON Schema. This ensures that the data received is in the expected format.
const schema = {
body: {
type: 'object',
required: ['name'],
properties: {
name: { type: 'string' },
age: { type: 'number' }
}
}
};
fastify.post('/user', { schema }, (request, reply) => {
// Handle request knowing that the body has been validated against the schema
});
Plugins
Fastify has a powerful plugin system that allows you to extend its core functionality. Plugins can add new features, routes, services, and decorators to the Fastify instance.
const myPlugin = async (fastify, options) => {
fastify.decorate('utility', () => {
return 'something useful';
});
};
fastify.register(myPlugin);
// Now you can use fastify.utility() in your application
Lifecycle Hooks
Fastify provides lifecycle hooks that can be used to execute code at various stages of the request/response cycle, such as onRequest, preHandler, onResponse, etc.
fastify.addHook('onRequest', (request, reply, done) => {
// Perform some operations before the request handler is executed
done();
});
Express is one of the most popular web frameworks for Node.js. It is known for its simplicity and minimalism. Compared to Fastify, Express has a larger ecosystem and community but may not be as performant due to its less optimized architecture.
Koa is a web framework designed by the creators of Express, aiming to be a smaller, more expressive, and more robust foundation for web applications and APIs. Koa uses async functions to eliminate callbacks and improve error handling. It is less opinionated than Fastify and has a smaller footprint.
Hapi is a rich framework for building applications and services, known for its powerful plugin system. It is designed to be more configurable and to provide a richer set of features out of the box compared to Fastify, which can make it heavier and potentially slower.
Restify is a Node.js web service framework optimized for building semantically correct RESTful web services ready for production use at scale. Restify is similar to Fastify in terms of performance but is more focused on API creation than being a general-purpose web framework.
An efficient server implies a lower cost of the infrastructure, a better responsiveness under load and happy users. How can you efficiently handle the resources of your server, knowing that you are serving the highest number of requests as possible, without sacrificing security validations and handy development?
Enter Fastify. Fastify is a web framework highly focused on speed and low overhead. It is inspired from Hapi and Express and as far as we know, it is one of the fastest web frameworks in town. Use Fastify can increase your throughput up to 100%.
npm i fastify --save
// Require the framework and instantiate it
const fastify = require('fastify')()
// Declare a route
fastify.get('/', function (request, reply) {
reply.send({ hello: 'world' })
})
// Run the server!
fastify.listen(3000, function (err) {
if (err) throw err
console.log(`server listening on ${fastify.server.address().port}`)
})
Do you want to know more? Head to the Getting Started
.
Machine: Intel Xeon E5-2686 v4 @ 2.30GHz (4 cores, 8 threads), 16GiB RAM (Amazon EC2 m4.xlarge)
Method:: autocannon -c 100 -d 10 -p 10 localhost:3000
* 2, taking the second average
Framework | Version | Router? | Requests/sec |
---|---|---|---|
hapi | 16.6.2 | ✓ | 5,768 |
Restify | 5.2.0 | ✓ | 17,589 |
Express | 4.16.1 | ✓ | 20,860 |
total.js | 2.8.0 | ✓ | 22,201 |
Koa (koa-router ) | 2.3.0 (koa-router@7.2.1 ) | ✓ | 23,093 |
Koa | 2.3.0 | ✗ | 25,571 |
take-five | 1.3.4 | ✓ | 28,255 |
micro (micro-router ) | 9.0.0 (micro-router@2.2.3 ) | ✓ | 28,700 |
connect (router ) | 3.6.5 (router@1.3.2 ) | ✓ | 33,753 |
Fastify | 0.29.2 | ✓ | 34,613 |
micro | 9.0.0 | ✗ | 36,522 |
connect | 3.6.5 | ✗ | 37,810 |
- | |||
http.Server | 8.6.0 | ✗ | 39,952 |
Benchmarks taken using https://github.com/fastify/benchmarks. This is a synthetic, "hello world" benchmark that aims to evaluate the framework overhead. The overhead that each framework has on your application depends on your application, you should always benchmark if performance matters to you. The relative overhead of micro, connect and fastify is too small to measure, and they perform very closely on this benchmarks.
Getting Started
Server Methods
Routes
Logging
Middlewares
Hooks
Decorators
Validation and Serialize
Lifecycle
Reply
Request
Content Type Parser
Plugins
Testing
Plugins Guide
fastify-accepts
to have accepts in your request object.fastify-accepts-serializer
to serialize to output according to Accept
headerfastify-apollo
Run an Apollo Server with Fastify. (GraphQL)fastify-auth
Run multiple auth functions in Fastifyfastify-bankai
Bankai assets compiler for Fastifyfastify-bearer-auth
Bearer auth plugin for Fastifyfastify-cookie
Parse and set cookie headersfastify-env
Load and check configurationfastify-formbody
Plugin to parse x-www-form-urlencoded bodiesfastify-graceful-shutdown
Shutdown Fastify graceful asynchronouslyfastify-helmet
Important security headers for Fastifyfastify-hemera
Fastify Hemera plugin, for writing reliable & fault-tolerant microservices with nats.iofastify-jwt
JWT utils for Fastify, internally uses jsonwebtokenfastify-leveldb
Plugin to share a common LevelDB connection across Fastify.fastify-mongodb
Fastify MongoDB connection plugin, with this you can share the same MongoDb connection pool in every part of your server.fastify-multipart
Multipart support for Fastifyfastify-nats
Plugin to share NATS client across Fastify.fastify-orientdb
Fastify OrientDB connection plugin, with this you can share the orientdb connection in every part of your server.fastify-postgres
Fastify PostgreSQL connection plugin, with this you can share the same PostgreSQL connection pool in every part of your server.fastify-react
React server side rendering support for Fastify with Nextfastify-redis
Fastify Redis connection plugin, with this you can share the same Redis connection in every part of your server.fastify-register-timeout
Register plugin with a timeoutfastify-sse
to provide Server-Sent Events with reply.sse( … )
to Fastifyfastify-swagger
Swagger documentation generator for Fastifyfastify-websocket
WebSocket support for Fastify. Built upon websocket-streampoint-of-view
Templates rendering (ejs, pug, handlebars, marko) plugin support for Fastify.Fastify is the result of the work of a great community. Team members are listed in alphabetical order.
This project is kindly sponsored by:
Licensed under MIT.
FAQs
Fast and low overhead web framework, for Node.js
We found that fastify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.