Access server session information on the client without reload or extra request

Asked 7/1, 2012 at 15:39 Answered 16/1, 2013 at 0:4

I authenticate server-side with express.session. The normal way of communicating that session information client-side is to rerender the page with new HTML generated server-side, but this requires a reload.

I have a one page app and want to avoid reloading. Is there a way to access information about the connected user client-side? Is this information stored in a cookie? How can I access it without reloading the page or making an extra server request?

Resinoid answered 7/1, 2012 at 15:39 Comment(5)

Make a route in express that returns some user session data in json and fetch it with an ajax request on the client side. – Chromaticity 7/1, 2012 at 15:51

When you say "one page app" do you really mean two pages, a login page and an app page? Or does one page contain both the login form and application? – Ritual 22/1, 2013 at 14:19

@Stobor: That's the thing. I want to merge the login page with the rest, and display one or the other depending on express.session. – Resinoid 22/1, 2013 at 14:40

And if the user is not logged in, you display the login page - when they fill that out, will you make a request to the server? – Ritual 22/1, 2013 at 14:50

@Stobor: Yes, when they fill it out, I make a request to the server. – Resinoid 23/1, 2013 at 23:0

The only way to do this would be to either include the information in the initial server response (perhaps a dynamically generated JS object embedded in the HTML) or by making a second request as alessioalex suggested.

It not possible to get information from the server WITHOUT talking to the server...

Alanaalanah answered 16/1, 2013 at 0:4 Comment(3)

Yes, I'm interested in the ways I can populate the initial server response. I want to keep serving pages statically (i.e. not use fancy stuff like Jade). I was thinking of using cookies... – Resinoid 16/1, 2013 at 11:59

If you're looking for serve dynamic content in a javascript object you will be forced to use some sort of tool like jade to populate it. I guess setting the information in cookies is possible, and then accessing them on the client (document.cookie I believe), however if the data is secure at all I would not recommend this. You can not be sure how the users system will handle/store/deal with the cookies. If you do do it this way, you should never trust the information in the cookies server side. The cookie information could be changed by the user, and shouldn't be copied back into the session – Alanaalanah 16/1, 2013 at 19:55

If you're looking to set cookies, you could probably use github.com/jed/cookies. I havn't used it (and there may be an easier way in express itself), however I don't have time right now to check. – Alanaalanah 16/1, 2013 at 19:57

As @stagas suggested, you can create a custom route with Express, such as /user and return session data (user details) using JSON. That way you wouldn't need to refresh the page.

Example:

app.get('/user', function (req, res) {
  res.json(req.session.user);
});

Godwit answered 7/1, 2012 at 16:19 Comment(1)

You can use a cookie middleware where you can put information about the user, but I wouldn't rely on that to check if the user is logged in or not. Cookies aren't the most secure, so if you really don't want to make an extra request to the server just store non-essential information there (for example gender, age, etc). – Godwit 15/1, 2013 at 20:52

Recommended topics

Hot tags