

How Sift Science Rebuilt Its App on React and DropWizard - necubi
http://blog.siftscience.com/blog/2015/how-we-built-it

======
btown
Sadly, this is more of a teaser with architecture diagrams than actual content
about best practices in React and DropWizard. Looking forward to the future
posts, though!

On the note of architecture diagrams... if you're geeking out about how to
simplify architectures like their "before" picture, I'd highly recommend
checking out Confluent's article on LinkedIn's data platform:
[http://blog.confluent.io/2015/02/25/stream-data-
platform-1/](http://blog.confluent.io/2015/02/25/stream-data-platform-1/) It's
much in the same vein as this article, but focusing on backend organization.
Highly recommended.

~~~
btown
Since this is taking off a bit: Here's an excellent talk that provides some
context to the Confluent article, and takes us through the thought process of
simplifying convoluted database-cache-user interactions by thinking in terms
of streams of derived data:
[https://www.youtube.com/watch?v=fU9hR3kiOK0](https://www.youtube.com/watch?v=fU9hR3kiOK0)
. Also highly recommended.

------
matrix
If the authors are reading this: in your later articles, I'd love to see some
details about what method of authentication and authorization you settled on
for the REST API and how well it plays with Dropwizard.

~~~
necubi
Yeah, I think authentication and authorization are two of the hardest
challenges in moving to a fully static app architecture. There're some more
details in a talk I gave a few months ago (video:
[https://youtu.be/vHXcDKK4eGY?t=6822](https://youtu.be/vHXcDKK4eGY?t=6822),
slides: [https://www.dropbox.com/s/uup4tgxyi7uybe0/API-
Driven%20Devel...](https://www.dropbox.com/s/uup4tgxyi7uybe0/API-
Driven%20Development%20at%20Sift%20Science.pdf?dl=0)), and I'll be writing
more (and hopefully open sourcing some code) in the future.

The upshot is we settled on OAuth 2.0 with JWT auth tokens, along with some
custom DropWizard filters and annotations to enforce authz. We found two-
legged OAuth 2.0 pretty straightforward to implement and use.

~~~
matrix
Sounds like you guys might have used Apache Oltu? If so, I (and I'm sure many
others) would be interested in hearing more about that, because modern, non-
trivial authorization and authentication is probably the single biggest
missing piece for Jersey/Dropwizard.

------
CyberDildonics
I rather hear about how companies I've never heard of keep getting ads upvoted
on hackernews.

------
brandonb
This may be covered in one of the future articles, but how have you found
HBase as a storage system and Hadoop as the primary system for data
processing? If you could start from scratch, what do you think you'd use?

------
paukiatwee
Great article. I developed a (real world) personal budget app[1] using Angular
1.x + DropWizard. If anyone interested to learn/see source code, the source
code is available on Github[2].

[1]: [https://www.budgetapp.io/](https://www.budgetapp.io/) [2]:
[https://github.com/paukiatwee/budgetapp](https://github.com/paukiatwee/budgetapp)

~~~
kevinherron
Thank you, this is a great example. Exactly what I've been looking for.

------
Sirikon
What's the benefits of React against others frameworks? I didn't understood
yet all the love and hype around React...

~~~
rimunroe
Important note: React doesn't attempt to solve any data modeling issues
itself. It just gives you a way to describe to a browser what it should draw
when given some data. It's not trying to provide solutions to all the same
issues as Angular or other MVCs--it just makes some of those issues not even
exist, although it obviously requires you to find solutions to other issues on
your own.

As for the benefits: React components are _super_ composable. I find myself
comfortably reusing modules way more when those modules are React components.
Also, there's also low overhead of abstractions to keep track of, so the
learning curve is very shallow compared to the ones for figuring out how to
draw stuff in a framework like Angular or Ember in my opinion.

These aren't by any means the only or even necessarily the biggest ones,
they're just ones that I am very fond of.

