James Fator

This is not an advertisement for Parse

29 November 2014

There's this service Parse which I've been meaning to try out for a while now, but haven't gotten to it until recently.

Even going into the project, I wasn't aware of just how awesome Parse is. As someone who has been and currently is developing backend systems for a startup company, if we had to do it all again, Parse looks very appealing. From my experience so far, I'll just be talking about the Parse Core, which is a bunch of services and features that significantly reduce the effort and time it would take to spin up and maintain servers. This means you can create databases, APIs, background jobs, etc. with ease.

My original goal for a project was to make some sort of password manager that I could trust to hold my sensitive data. This was something I've wanted to do ever since I found out that my dad was storing passwords inside his computer's contacts app. If nothing more than to give him some more structure, this could also be an opportunity to build a web app with a secure database.

Initially, we set up a Python server using Flask, which was hosted on a Raspberry Pi in the house. I don't think this was a bad solution at all -- we even made a nifty interface to view and edit the entries. I was looking to go a little bit bigger though and from what I have heard of Parse, I knew it could be done, but I wasn't quite sure how we would go about it.

After diving into some research, I learned about Parse Hosting, which really blew my mind. Setting up the development environment is one command which simply downloads your app's current "Cloud Code Directory". You make the associated changes to that code in the directory, then with another one line command, deploy your changes to Parse's hosting machines. You can specify a custom subdomain for your app in the settings, then load up your page in a browser. What I enjoy probably the most, is the simplicity of these Cloud Code Directories -- they're as simple as they need to be, which means you're almost exclusively focusing on functionality, while they worrying about the rest of the system.

I started off by attempting to replicate what we were doing in the home Python server. Parse Hosting takes advantage of the Express framework which I fortunately have had some experience with, but more importantly, it meant we could dynamically render pages, which like Flask, allows for pretty simple ways of making GUIs. I'm not a front end engineer and that probably shows in the design of my blog, but the page rendering was familiar and came pretty quickly.

Next up was a focus on where the data would be stored and how we would access it. Before, we were using some encryption with a SQL database, which was pretty easy to work with and gave us a good amount of freedom. One of the more challenging aspects of this project was learning how to correctly work with Parse's data. It was nothing more than some additional research, yet that additional complexity of the way they Parse handles it's data came with some features that ended up being beneficial. For example, there's no need to know what machine your data is on, or where it in in the filesystem. It may sounds like something small, but I think anyone who has worked with larger data sets before will appreciate making a general request for their data and trusting that it'll get to them -- just one less thing to keep track of.

We also took advantage of the Access Control Lists, which is their way of restricting the users and groups that have access a particular object in the database. For our password manager example, we were able to specify that passwords can only be accessed by the user that created it. That was something that I overlooked before, since it was just my dad and I using the app, but now the passwords are much more locked down.

One aspect that I did not expect to be as easy and simple as it was, happened to be HTTPS requiring a simple paste of two lines of code. Yes, HTTPS isn't the end all in terms of being secure, but it's not bad to have. In terms of the security of the rest of the app? Well, Parse has written over and over again that they deem themselves secure or at least on a good path, but there's someone to argue those things.

In my mind, just to be safe, I'm only going to use this as a coding exercise. I won't suggest anyone stores their banking account information on it, but I want to open it up as some example code implementing some of Parse's tools. I think looking at other people's work to build a basis of understanding is often the best way to learn. So if there's anyone interested in taking a look at the code or incorporating anything from it, I've hosted it on GitHub here.

For anyone interested in playing with the actual app, you can find it live here!

In all, from knowing almost nothing about how their services work, to having a working web app took a few hours. Even considering the smaller size of this project, I was able to save time and effort relative to the time it would take to producing the same result independently. When you realize that virtually all company starting up these days will require some web service and/or computing power, Parse is looking like a desirable alternative.