Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set cookie in request headers too #346

Open
eric-burel opened this issue Oct 1, 2020 · 3 comments
Open

Set cookie in request headers too #346

eric-burel opened this issue Oct 1, 2020 · 3 comments
Labels
kind/feature A request for a new feature.

Comments

@eric-burel
Copy link

If some further middlewares are going to read the request cookies too, you might want them to have up to date cookies. For instance, when refreshing a token client-side, I want both to set Set-Cookie headers, but also req.headers so that my server-side queries are triggered with the fresh token. This avoid going back to client to trigger a new request.
Do you think setCookie could be improved to do so?

Current alternative would be to add appContext.ctx.req.headers.cookie = appContext.ctx.res.headers['Set-Cookie'] or something like that after calling setCookie.
@eric-burel
Copy link
Author

eric-burel commented Oct 1, 2020
edited

For the record this is how I use it currently:

const updateAppContextCookie = (
  appContext: AppContext,
  path: string,
  value: string,
  options: Object = {}
) => {
  // Update the request cookie. We must work by value as we lack helpers to easily manipulate and stringify the cookies
  const requestCookies = parseCookies(appContext.ctx);
  appContext.ctx.req.headers.cookie.replace(requestCookies[path], value);
  // Set the response header
  setCookie(appContext.ctx, path, value, options);
};

and in getInitialProps (simplified):

...
if (shouldRenewToken(appContext.ctx)) {
   const newTokens = await updateTokens(appContext.ctx) // client-side, I suppose that this updates the cookies somehow for future request
   if (serverRender(appContext)) { // server-side, or in getServerSideProps calls, I have to do it manually
     updateAppContextCookie("token", newTokens.token)
     updateAppContextCookie("refresh", newTokens.refresh)
   } 
}
// code here can suppose that the token in "req" is valid if the refresh has been working
// also Set-Cookie is correctly defined in res
...

@maticzav maticzav added the kind/feature A request for a new feature. label Oct 8, 2020
@maticzav
Copy link
Owner

maticzav commented Oct 8, 2020

Hey @eric-burel 👋 ,

Thank you for opening the issue. Your idea sounds fantastic. Do you think you could compose a PR for it?

@eric-burel
Copy link
Author

I haven't figured a way to manipulate the cookie yet :/ I do a hard replacement based on the string value, which is unsafe in general, as I haven't found any method to easily update a value in a cookie (while preserving the options used to define it). That's why I didn't PR it.

Also this pattern will actually be very soon obsolete in our app. We use it to update the refresh token, but updating the refresh token during SSR is a bad practice in the first place.

Maybe the sample code could make it to some documentation instead, in case some lost googles needs this for another reason?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature A request for a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@maticzav @eric-burel