The content of this article is about what are cookies in node? how to use? It has certain reference value. Friends in need can refer to it. I hope it will be helpful to you.
Why do we need cookies
We know that http
is a stateless protocol. What does stateless mean?
Let me give a small example to illustrate: For example, Xiao Ming is shopping online. He browses multiple pages and purchases some items. These requests are completed in multiple connections. If no additional means are used, the server cannot We know exactly what he purchased, because the server simply doesn’t know whether the person requesting each time is Xiao Ming, unless Xiao Ming has a identification
to prove that he is Xiao Ming.
So, in order to identify the user's identity and perform session tracking, cookies appear.
What is a cookie
Simply put, a cookie is an identifier.
Strictly speaking, a cookie is some information stored on the client
. It is submitted by the browser to the server every time it is connected, and the server also initiates a request to the browser to store the cookie, relying on this method. , the server can identify the client.
Specifically, when the browser initiates a request to the server for the first time, the server will generate a unique identifier
and send it to the client browser. The browser will store this unique identifier in Cookie. In each request initiated, the client browser transmits this unique identifier to the server, and the server uses this unique identifier to identify the user.
Having said so much, open the browser and let’s take a look at this product first.
In the picture above, it is a cookie stored in the browser. Its name is name and its value is abc.
Regular cookie
It’s not enough to just look at it. Next, let’s use node to make a regular cookie.
First, install the express framework and cookieParser middleware
npm i express --save npm install cookie-parser --save
The main uses of cookieParser middleware are as follows:
Parse cookies from the browser and put them in req. In cookies;
For signed cookies, sign and unsign cookies
The code is as follows:
var express = require('express'); var cookieParser = require('cookie-parser'); var app = express(); app.use(cookieParser()); app.use(function (req, res) { if (req.url === '/favicon.ico') { return } // 设置常规cookie, 有效期为20s, 客户端脚本不能访问它的值 res.cookie('name', 'abc', { signed: false, maxAge: 20 * 1000, httpOnly: true }); console.log(req.cookies, req.url, req.signedCookies); res.end('hello cookie'); }) app.listen(4000)
After running, Open http://localhost:4000/
in the browser. Taking chrome as an example, open the browser debugging tool with f12, and you can find the cookie you defined among the cookies in the application.
The req.cookies and req.signedCookies attributes are the parsing results of the cookies in the request header sent with the http request.
Among them, req.cookies corresponds to ordinary cookies, and req.signedCookies corresponds to signed cookies.
If there is no cookie in the request, both objects will be empty.
Signed cookie
Signed cookie is more suitable for sensitive data, because it can verify the integrity of the cookie data and help prevent man-in-the-middle attacks.
Valid signed cookies are placed in the req.signedCookies
object.
The code is as follows:
var express = require('express'); var cookieParser = require('cookie-parser'); var app = express(); // 设置密钥,用来对cookie签名和解签, Express可以由此确定cookie的内容是否被篡改过 app.use(cookieParser('a cool secret')); app.use(function (req, res) { if (req.url === '/favicon.ico') { return } // 设置签名cookie, 并且有效期为1min res.cookie('name', 'efg', { signed: true, maxAge: 60 * 1000, httpOnly: true }); console.log(req.cookies, req.url, req.signedCookies); res.end('signed cookie'); }) app.listen(4000)
After running, open http://localhost:4000/
Take chrome as an example, f12 to open the browser debugging tool, in the application You can find the signed cookie you defined in the cookies, the format is as follows: s:efg.7FJDuO2E9LMyby6+o1fGQ3wkIHGB9v1CDVWod8NQVAo
. The left side of the number is the value of the cookie, and the right side is the encrypted hash value generated by SHA-1 HMAC on the server.
If the value of this signed cookie is tampered with, the decryption of the cookie on the server will fail, and the req.signedCookies output in the node will be false. As follows:
And if the cookie is passed intact, it will be parsed correctly:
Summary
You can store any type of text data in a cookie, but usually a session cookie
is stored on the client side so that you can Preserve full user state on the server side.
Related recommendations:
Detailed explanation of Promise in jQuery, Angular, and node
##How to use the cluster cluster in node
The above is the detailed content of What are cookies in node? how to use?. For more information, please follow other related articles on the PHP Chinese website!

JavaScript is widely used in websites, mobile applications, desktop applications and server-side programming. 1) In website development, JavaScript operates DOM together with HTML and CSS to achieve dynamic effects and supports frameworks such as jQuery and React. 2) Through ReactNative and Ionic, JavaScript is used to develop cross-platform mobile applications. 3) The Electron framework enables JavaScript to build desktop applications. 4) Node.js allows JavaScript to run on the server side and supports high concurrent requests.

Python is more suitable for data science and automation, while JavaScript is more suitable for front-end and full-stack development. 1. Python performs well in data science and machine learning, using libraries such as NumPy and Pandas for data processing and modeling. 2. Python is concise and efficient in automation and scripting. 3. JavaScript is indispensable in front-end development and is used to build dynamic web pages and single-page applications. 4. JavaScript plays a role in back-end development through Node.js and supports full-stack development.

C and C play a vital role in the JavaScript engine, mainly used to implement interpreters and JIT compilers. 1) C is used to parse JavaScript source code and generate an abstract syntax tree. 2) C is responsible for generating and executing bytecode. 3) C implements the JIT compiler, optimizes and compiles hot-spot code at runtime, and significantly improves the execution efficiency of JavaScript.

JavaScript's application in the real world includes front-end and back-end development. 1) Display front-end applications by building a TODO list application, involving DOM operations and event processing. 2) Build RESTfulAPI through Node.js and Express to demonstrate back-end applications.

The main uses of JavaScript in web development include client interaction, form verification and asynchronous communication. 1) Dynamic content update and user interaction through DOM operations; 2) Client verification is carried out before the user submits data to improve the user experience; 3) Refreshless communication with the server is achieved through AJAX technology.

Understanding how JavaScript engine works internally is important to developers because it helps write more efficient code and understand performance bottlenecks and optimization strategies. 1) The engine's workflow includes three stages: parsing, compiling and execution; 2) During the execution process, the engine will perform dynamic optimization, such as inline cache and hidden classes; 3) Best practices include avoiding global variables, optimizing loops, using const and lets, and avoiding excessive use of closures.

Python is more suitable for beginners, with a smooth learning curve and concise syntax; JavaScript is suitable for front-end development, with a steep learning curve and flexible syntax. 1. Python syntax is intuitive and suitable for data science and back-end development. 2. JavaScript is flexible and widely used in front-end and server-side programming.

Python and JavaScript have their own advantages and disadvantages in terms of community, libraries and resources. 1) The Python community is friendly and suitable for beginners, but the front-end development resources are not as rich as JavaScript. 2) Python is powerful in data science and machine learning libraries, while JavaScript is better in front-end development libraries and frameworks. 3) Both have rich learning resources, but Python is suitable for starting with official documents, while JavaScript is better with MDNWebDocs. The choice should be based on project needs and personal interests.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

SublimeText3 English version
Recommended: Win version, supports code prompts!

mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

SublimeText3 Mac version
God-level code editing software (SublimeText3)

MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

Atom editor mac version download
The most popular open source editor