METEOR : AN INTRODUCTION

“Meteor is to Node.js as Rails is to Ruby.”

Key to Meteor is hidden in its name only: speed. If you want to develop reactive hybrid application (for iOS, Android and Web Browser) on Node JS, in less duration of time, then Meteor or Meteor JS is perfect choice.

Meteor is a free open source MVC (Model View Controller) based Javascript Web Framework. Meteor is written on top of Node JS. Meteor is Isomorphic Development Ecosystem, i.e. same code can be used on both frontend and backend. Meteor application uses Javascript on both frontend and backend that’s the reason behind Meteor being referred as Full Stack Javascript Framework. Meteor was developed by Meteor Development Group on January, 2012. Latest stable release of Meteor is 1.6, released on November, 2017. Figure below depicts overview of Meteor platform.

Meteor An Introduction

Meteor Platform Overview (Source : joshowens)

Under the hood of Meteor we get all at one place required for development, i.e. HTML, CSS, Angular React for frontend, MongoDB as database for client side. On server side if requirement is of No sequel based database then we can use MongoDB if SQL based database is required then we can use Salesforce, PostgreSQL, AlaSQL, Apollo, GraphQL, MSSQL etc. Meteor’s database connectivity can be provided using Apollo. Inbuilt database of Meteor is MongoDB.

Meteor on front-end uses Javascript that runs on Browser, on back-end also Meteor uses Javascript that executes on Meteor server inside a Node JS container. Core concept of Meteor is reactivity. Meteor provides real time synchronization of data i.e. as soon as change in database is made it is shown on web page. For synchronization Meteor apps maintain a low data connection to server using DDP (Distributed Data Protocol) protocol. It allows instant changes on client side. This prevents polling the server for update after every few seconds. To synchronize data over DDP Meteor uses Minimongo, it allows client to reactively get mongo data. Figure below depicts the workflow of Meteor using DDP and Minimongo.

Meteor An Introduction

Work-flow of Meteor (Source : Whymeteor)


Key Features in Meteor

Meteor mainly has 7 features:

  • Web Browser / Frontend : In Meteor frontend can be developed using (HTML, AngularJS, ReactJS) or Meteor’s inbuild BlazeJS. To reflect changes on client side (Meteor.isClient) {} is used.
  • Server / Backend : Meteor uses Javascript for server side coding also. (Meteor.isServer) {} is used to reflect server side changes. Meteor uses DDP (Distributed Data Protocol) to move data across wire (server send data, not HTML and client renders it).
  • Methods : Methods are like API for server. These methods are defined on server side and are called by using their counterpart on client side. Methods are used to perform CRUD operations on database. Meteor methods are declared inside Meteor.method({}). Meteor methods helps in making complex function easier.
  • Publish : Publish function is used on server side to fetch data from database. We can’t allow all data of our database to be available for our user. By using Publish function we can set limit on data that will be available for that particular user.
  • Subscribe : Data we publish on server side using Publish function is used on client side by using Subscribe. For example, if we are browsing Mark’s profile then we will subscribe his posts only.
  • Helpers : Helpers are one of most important part of Meteor applications, Helpers allow to set data dynamically on HTML by using Meteor’s inbuilt Blaze template. Each Blaze template has different Helper and it’s Helper get destroyed when scope of template is destroyed.
  • Autorun : Autorun is used to check data modification. When reactive data, on which Autorun depends on modify, then Autorun re-execute.
Advantages of Meteor :
  1. Meteor being built on top of Node JS allows development using Javascript only on both client and server side. So, no need to learn many languages.
  2. Meteor uses MongoDB on backend. For beginners it is easy to get started with it then with RDBMS.
  3. Development by Meteor save lots of time due to smart packages available on NPM and Atmosphere.
  4. Meteor provides it’s inbuilt, reactive, optimized and modular HTML interface writing library, Blaze. Blaze follows Spacebars template syntax, which is variant of Handlebars.
  5. Meteor can get additionally better if used along with React, Angular, GraphQL
  6. Meteor project structure is well-organised and easy to understand.
  7. Meteor has got its supportive and active community which is big plus for Meteor.
  8. Meteor also allows to build CMS (Content Management System) powered app, using ButterCMS.
  9. Meteor also allow free deployment on its server by using “meteor deploy appname” for testing purpose. For production purpose or cloud hosting we can use Heroku, Modulus or VPS (Virtual Private Server).
  10. Meteor provide its Galaxy container that can be used to deploy Meteor based app on cloud. Galaxy also lets user to see and search on debug logs.
Disadvantages / Vulnerabilities of Meteor :
  1. Meteor is slow to work on windows. It take lots of time to develop build, even after single line change.
  2. If requirement is of website, not a web application, then Meteor is not of much use.
  3. Initial rendering time of Meteor is more, i.e., Meteor takes more time to display first page.
  4. Meteor can’t be used to develop Progressive Web Applications.
  5. Meteor shouldn’t be used to develop Web-Services / REST API, without client. Meteor could be overkill.
  6. Meteor shouldn’t be used for mobile games highly dependent on graphics, they might not get required performance.
  7. Meteor’s reactive interface writing library, Blaze lacks two-way data binding unlike AngularJS. This shortcoming can be overcome by using Meteor with Angular.
Meteor Security
Any application is as much secure as its developer make it. Security concept of Meteor is very simple : Code that run on server side can be trusted. Data sent from client side can’t be trusted. This simply means we should validate data on client side before sending it to server and we shouldn’t store any secret information on client side. More security is provided in Meteor by :
  • Client and Server side code must be properly separated. Connections to server especially in which data is passed must be properly authenticated.
  • Meteor provides allow / deny rules of database access providing only partial access of database.
  • Meteor’s Blaze Handlebars like template provides protection against Cross-site scripting (XSS) attacks.
  • MongoDB is more secure then SQL as it resist database injections, as it doesn’t parse input.
  • Meteor also allow use of browser storage. Browser storage is more secure than cookies, as cookies can be hijacked.
  • In Meteor we can store password in hashed form by using bcrypt.
  • Meteor also provides full database encryption by using Mylar. It store encrypted data on database and decrypt only in web browser. But, it is not advisable to use.
Meteor Routing
Meteor mainly has 2 different routers for routing:
  • 1) Iron: Router It is designed specifically for Meteor. Iron router supports routing on both client and server. If we use Iron router then we don’t have to use another package for APIs on server side.
  • 2) Kadira: Flow-Router It is designed only for client side routing of Meteor. It is not reactive. Flow router is designed considering performance in mind.

Developing cross platform application is good option for businesses that want functionality like native apps, but don’t have high budget of separate codebase for different platforms. It can’t be concluded if Meteor is a good Framework or not. That totally depends on requirements of app.

Astrea IT Services is a certified Meteor partner. We have expertise in developing products using Meteor. We have strong experience of helping customers in taking a simple idea to a production ready app. Astrea also has extensive expertise in building apps with Meteor front-end and Salesforce backend.