https://github.com/nlesc/spot-server
https://github.com/nlesc/spot-server
database filter javascript spot sql visualization
Last synced: about 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/nlesc/spot-server
- Owner: NLeSC
- License: apache-2.0
- Created: 2017-04-24T10:45:50.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2022-08-30T23:48:45.000Z (almost 4 years ago)
- Last Synced: 2025-06-17T18:07:27.949Z (about 1 year ago)
- Topics: database, filter, javascript, spot, sql, visualization
- Language: JavaScript
- Homepage:
- Size: 759 KB
- Stars: 1
- Watchers: 2
- Forks: 1
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG
- Contributing: CONTRIBUTING.md
- License: LICENSE.txt
Awesome Lists containing this project
README
# spot-server
[](https://travis-ci.org/NLeSC/spot-server)
[](https://www.codacy.com/app/NLeSC/spot-server?utm_source=github.com&utm_medium=referral&utm_content=NLeSC/spot-server&utm_campaign=Badge_Grade)
[](https://www.codacy.com/app/NLeSC/spot-server?utm_source=github.com&utm_medium=referral&utm_content=NLeSC/spot-server&utm_campaign=Badge_Coverage)
[](https://github.com/Flet/semistandard)
Part of the spot-framework, spot-server provides a connection a to a database (currently PostgreSQL) instead of the default crossfilter backend.
It will also host a static website fi. [spot](https://github.com/NLeSC/spot) using Express.
API documenation [can be found here](https://nlesc.github.io/spot-server).
## prerequisites
- [PostgreSQL](https://www.postgresql.org) v9.5 or higher
Spot requires either a local or a remote service to run. Commutication between the client and the database server is achieved by using [web socket](https://github.com/socketio/socket.io).
Before running the scripts, make sure that the Postgres server is up and running.
- **Hint**: You may want to use [PostreSQL Docker image](https://hub.docker.com/_/postgres) for quick testing, if you don't have postgress installed on your system
- make sure your postgres user does not need a password
- [pg_isready](https://www.postgresql.org/docs/9.3/static/app-pg-isready.html) command might be useful to check the server status.
## scripts
### spot-server
Combines this library with Express to host a website.
It uses a session file to keep track of database tables to serve.
Usage:
```bash
node scripts/spot-server.js -c 'postgres://USER@localhost/DATABASE' -s 'session_file.json' -w
```
Here, `SPOT_DIST` should be an absolute path to the directory with the built version of [spot app](https://github.com/NLeSC/spot). You can either use the pre-built [dist directory](https://github.com/NLeSC/spot/tree/app/dist) or build it yourself using `npm run dist`.
run following command to see available options:
```bash
node scripts/spot-server.js --help
```
You can get a bit more performance using the native PostgreSQL bindings (turned off by default to make travisCI easier). Just install the pg-native package:
```bash
npm install pg-native
```
This in only tested on linux, could work on other OSs.
### spot-import
Import files (CSV, JSON) into the database.
It also creates a session file. Usage:
```bash
node ./scripts/spot-import.js -c 'postgres://USER@localhost/DATABASE' \
-t 'data_table' \
-s 'session_file.json' \
-u 'http://DATA_URL' \
-d 'Dataset description' \
--csv -f 'test_data.csv'
```
run following command to see available options:
```bash
node server/spot-import.js --help
```
# Notes
## heap out of memory
If node crashes with `heap out of memory`, increase it using `node --max_old_space_size=4096`.
# Security concerns
## sql injection via `facet.accessor` and `dataset.datasetTable`
Facet accessor can be set by the client, and is used unchecked in the query.
Recommended to limit spot-server PostgreSQL privilege to read only.
See for instance [this blog post](https://blog.ed.gs/2016/01/12/add-read-only-postgres-user/)