Chapter 15. Deployment, testing, and security
This chapter covers
- Deploying Brushfire to a PaaS
- Distinguishing between development and production
- Incorporating testing into Brushfire
- Understanding XSS and CSRF attacks and protection
In this final chapter, we’ll address deploying Brushfire into the wild. This will require us to choose a deployment destination, and will include deploying and configuring a remote PostgreSQL instance for our main database and a Redis instance for our session and WebSocket stores. We’ll separate Brushfire into three different environments: development, production, and test. We’ll use the environments as a way to configure Brushfire separately based on one of the three environments chosen. Testing is a vital step in the development process. We’ll show you how to set up tests for endpoints and model methods. We’ll wrap up the chapter with a discussion of the most prevalent security vulnerabilities and steps you can take to protect against them.