8

I authenticate server-side with express.session. The normal way of communicating that session information client-side is to rerender the page with new HTML generated server-side, but this requires a reload.

I have a one page app and want to avoid reloading. Is there a way to access information about the connected user client-side? Is this information stored in a cookie? How can I access it without reloading the page or making an extra server request?

Randomblue
  • 112,777
  • 145
  • 353
  • 547
  • 2
    Make a route in express that returns some user session data in json and fetch it with an ajax request on the client side. – stagas Jan 07 '12 at 15:51
  • When you say "one page app" do you really mean two pages, a login page and an app page? Or does one page contain both the login form and application? – Stobor Jan 22 '13 at 14:19
  • @Stobor: That's the thing. I want to merge the login page with the rest, and display one or the other depending on `express.session`. – Randomblue Jan 22 '13 at 14:40
  • And if the user is not logged in, you display the login page - when they fill that out, will you make a request to the server? – Stobor Jan 22 '13 at 14:50
  • @Stobor: Yes, when they fill it out, I make a request to the server. – Randomblue Jan 23 '13 at 23:00

2 Answers2

5

The only way to do this would be to either include the information in the initial server response (perhaps a dynamically generated JS object embedded in the HTML) or by making a second request as alessioalex suggested.

It not possible to get information from the server WITHOUT talking to the server...

Nick Mitchinson
  • 5,452
  • 1
  • 25
  • 31
  • Yes, I'm interested in the ways I can populate the initial server response. I want to keep serving pages statically (i.e. not use fancy stuff like Jade). I was thinking of using cookies... – Randomblue Jan 16 '13 at 11:59
  • If you're looking for serve dynamic content in a javascript object you will be forced to use some sort of tool like jade to populate it. I guess setting the information in cookies is possible, and then accessing them on the client (document.cookie I believe), however if the data is secure at all I would not recommend this. You can not be sure how the users system will handle/store/deal with the cookies. If you do do it this way, you should never trust the information in the cookies server side. The cookie information could be changed by the user, and shouldn't be copied back into the session – Nick Mitchinson Jan 16 '13 at 19:55
  • If you're looking to set cookies, you could probably use https://github.com/jed/cookies. I havn't used it (and there may be an easier way in express itself), however I don't have time right now to check. – Nick Mitchinson Jan 16 '13 at 19:57
4

As @stagas suggested, you can create a custom route with Express, such as /user and return session data (user details) using JSON. That way you wouldn't need to refresh the page.

Example:

app.get('/user', function (req, res) {
  res.json(req.session.user);
});
alessioalex
  • 62,577
  • 16
  • 155
  • 122
  • You can use a cookie middleware where you can put information about the user, but I wouldn't rely on that to check if the user is logged in or not. Cookies aren't the most secure, so if you really don't want to make an extra request to the server just store non-essential information there (for example gender, age, etc). – alessioalex Jan 15 '13 at 20:52