Universal: Create Universal cookies module

@gdi2290 I just realized something. So, this (and potentially other) services are not global but are request specific. That means on the server side we need a way to get the "context" of the current request. I do this in my current product app with the node.js CLS library, but I think we should be able to do this somehow with zones. Basically, the universal engine for a particular framework will need to set values on the context (in this case the current request cookies) and then anywhere in the code we can pull from that context. Does that make sense?

@jeffwhelpley & @gdi2290 sounds great! with cookies it shouldn't be a problem at all when you catch them from the request headers. do you have a idea how to solve the local storage gap?
and do you have a roadmap about angular universal? we plan to bring out our latest CMS frontend totaly built on ng2. but we do need the server side rendering as well. deadline for us is april 2016. is there a chance to get cookies and http requests working till then? just a shy question :)

I'm planning on working on the abstract clases (cookie, localStorage,Title, etc) during this week

+1

According to _https://github.com/angular/angular/pull/8898_ current implementation probably should be replaced in favor to new DOM_Adapror.
@gdi2290 Should i refactor #404 ?

I have a question.

Should the Headers from the real client browser be passed by the NodeJS app to any HTTP services?

This seems non trivial as is would require either forcing all users a Http Wrapper -- though this could be mitigated with a Http provider in the main.node.js that provides the wrapped service for Node.

This would solve the problem of auth tokens in Headers (most, almost all?), but would do nothing for auth tokens that are passed in the message body.

@martinmcwhorter imho cookie should provided by some generic accessor, and each platform should have they own unique accessor implementation. For nodejs app you way is the right way.

If you talk about tokens with message body - than you should add more code :). This issue is only about cookies.

Hey, now that we're on the final release and changes won't break everything we could spend some time on the design of the cookies module :).

My use case is an app that saves a JWT in cookie storage and I'd like the server to use that to prerender the authorize-only sections of my website.

Thanks!

@tinchou check out this as a short term workaround:

https://github.com/angular/universal/blob/master/DOCUMENTATION.md#servercontext

Looks good! I'll use this for now and wait for Universal to implement it.

Question: if it's so simple why is it not implemented yet?

On Thu, Sep 22, 2016, 12:27 Jeff Whelpley [email protected] wrote:

@tinchou https://github.com/tinchou check out this as a short term
workaround:

https://github.com/angular/universal/blob/master/DOCUMENTATION.md#servercontext

—
You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub
https://github.com/angular/universal/issues/273#issuecomment-248937574,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABeg9Nn6Dvw4m_5WYe4NjVNvX76uj8RBks5qsp56gaJpZM4HaD_h
.

You know how it is, nothing is ever as easy as it seems :)

Plus there's been so many Core changes, think the priority has been to just try and keep up to date & evolve with it. Guessing now we'll be able to focus on improving every aspect of Universal... performance, docs, APIs, new things, etc.

Awesome!

And I'm glad your answer is not "because there's this quirk that will make
you pull your hair out" :)

On Thu, Sep 22, 2016 at 12:53 PM Mark Pieszak [email protected]
wrote:

You know how it is, nothing is ever as easy as it seems :)

Plus there's been so many Core changes, think the priority has been to
just try and keep up to date & evolve with it. Guessing now we'll be able
to focus on improving every aspect of Universal... performance, docs, APIs,
new things, etc.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/angular/universal/issues/273#issuecomment-248945165,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABeg9LKEMiIOG5re4fCoSKS4D0QQsiIhks5qsqR7gaJpZM4HaD_h
.

@tinchou
example for implementing cookie

https://github.com/kuldeepkeshwar/universal-starter/blob/master/src/main.node.ts
https://github.com/kuldeepkeshwar/universal-starter/blob/master/src/main.browser.ts
https://github.com/kuldeepkeshwar/universal-starter/tree/master/src/common/utils

I made it work, but not without a lot of work. @SteveSandersonMS you may want to read since you opened https://github.com/aspnet/JavaScriptServices/issues/130.

@kuldeepkeshwar your solution was really helpful, and I managed to make it work with ASP.NET Core :). I had to remove all calls to Angular internal APIs (e.g. isBlank, isPresent) since that broke my client code, but it was pretty straightforward.

I saw you depend on the res and req objects passed by Express as shown here, but we don't have that in ASP.NET Core.

As seen here in this issue, https://github.com/aspnet/JavaScriptServices/issues/130, we can get the cookies object by passing it through asp-prerender-data and then in boot-server.ts doing:

properties: {
        // ....
        cookies: params.data.cookies,
        // ....
}

And in cookie-node.ts filling the cache:

for (let c of Zone.current.get("cookies")) {
    this._cache[c.key] = c.value; // Cookies from .NET are {key:string, value:string}
}

But that only gives us a read-only view of the cookies (which may be enough for most cases, including mine, I'm just pointing it out).

Let me know if I can help in any way to get this working seamlessly!

EDIT:

By the way, my use case: I'm saving a JWT in cookie storage. Angular reads that cookie, and then sends it to the server in any authenticated request. If the prerendering server can read that cookie and send it to ASP.NET too, then my prerendered content will display the users' own data. Bingo!

I'm a little worried about XSRF attacks with this solution (see this https://github.com/aspnet/Antiforgery/issues/29#issuecomment-249277466 for reference), but for now I'd rather have this working.

Cool. Just note that we will make this easier. We have a couple high priority bugs we are working on now, but do have a ToDo for making it easier to pass server request values to Angular (i.e. so you can use DI instead of Zone to get the value).

@kuldeepkeshwar would you please point out which commit was that code present in?
since those files were deleted
so we can still take a look

@canda you can check lazy-route branch

won't be supported officially
https://github.com/angular/angular/issues/13822

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

_{_This action has been performed automatically by a bot._}