CodeMash 2013: Client/Server Apps with HTML5, Play, CoffeeScript

Today I’ll be presenting at CodeMash 2013 about Client/Server Apps with HTML5, Play, CoffeeScript, and More. Here is the session description:

The web application landscape is rapidly shifting back to a Client/Server architecture. This time around the Client is JavaScript, HTML, and CSS in the browser. The tools and deployment techniques for these types of applications are abundant and fragmented. This session will teach you how to pull together jQuery, LESS, Twitter Bootstrap, and some CoffeeScript to build the Client. The Server could be anything that talks HTTP but this session will use the Play Framework. You will also learn how to deploy Client/Server web apps on the cloud using a Content Delivery Network (Amazon CloudFront) for the Client and a Cloud Application Provider (Heroku) for the Server.

The session is today at 4:50 PM in Rosewood. Hope to see you there!

  • Mark

    Wish I was there! I would definitely watch a recording of this if you make one available!

    • Thanks! It was recorded and will eventually be posted on InfoQ. :)

  • dbau88

    James I love your philosophy around client/server separation – I’m seeing more and more web apps adopt it (frontend on a CDN, stateless RESTful backend). Really looking forward to the video of this talk.

    One thing I’d like to know more about is your approach to Authentication in Play. Suppose you’re building a social network, how would you go about authenticating the client against the stateless backend and persisting the user session? I understand theoretically the client would send a token with each request to the backend, and, depending on the response code, you would determine whether that user should receive that data or not – but I kinda struggle with this in practice. Would you recommend a Play module such as SecureSocial to do this? Do you have any examples of this in practice?

    Thanks in advance – keep up the great work! :)

    • Thanks! I do need to build out a sample of this… But in a nutshell… Send a token on each request, using a custom HTTP header, not a cookie. Then maintain the session data on the server. This helps avoid CSRF attacks. This definitely needs a whole blog and sample app…

      • dbau88

        Thanks James! I’ll give that a try. A blog post + sample app would be super awesome if you’ve ever got the time. :)