isomorphic-cookie
Advanced tools
Load, save and remove cookies within your isomorphic application
The initial idea for this package came from the popular react-cookie package, but we've made it a little harder to make serious mistakes using plugToRequest() with async server operations. Instead of providing that function, that allows you to only read/write to one request at a time (the current plugged request), we've allowed for passing the request to the load() function and the response to the save() and remove() functions. This way it's easier to reason about exactly which request/response you're interacting with.
This currently supports Express and Hapi servers. If you need to support another server framework, feel free to send a PR or make a feature request in issues.
npm install --save isomorphic-cookie
isomorphicCookie.load(name, [request], [doNotParse])
isomorphicCookie.save(name, val, [options], [response])
isomorphicCookie.remove(name, [options], [response])
cookie path
absolute expiration date for the cookie (Date object)
domain for the cookie
only allow on https connections, defaults to true, you must set to false to use over http
** NOTE:
You must set { secure: false } to use this over http. So if you're just trying it out and testing locally,
make sure to set that option. If you do local development then deploy to an https server, make it conditional
based on environment.
const isomorphicCookie = require('isomorphic-cookie');
console.log(isomorphicCookie.load('serverCookie'));
console.log(isomorphicCookie.load('clientCookie'));
isomorphicCookie.save('clientCookie', 'Cookie value here');
const express = require('express');
const cookieParser = require('cookie-parser');
const path = require('path');
const isomorphicCookie = require('isomorphic-cookie');
const app = express();
app.use(express.static('dist'));
app.use(cookieParser());
app.get('/', (req, res) => {
console.log(`client cookie: ${isomorphicCookie.load('clientCookie', req)}`);
console.log(`server cookie: ${isomorphicCookie.load('serverCookie', req)}`);
isomorphicCookie.save('serverCookie', 'Cookie value here', {}, res);
res.sendFile(path.join(__dirname, 'index.html'));
});
app.listen(8000);
'use strict';
const Hapi = require('hapi');
const path = require('path');
const isomorphicCookie = require('isomorphic-cookie');
// Create a server with a host and port
const server = new Hapi.Server();
server.connection({
host: 'localhost',
port: 8000,
});
let callIndex = 0;
server.register(require('inert'), (err) => {
if (err) {
throw err;
}
server.route({
method: 'GET',
path:'/',
handler: (request, reply) => {
callIndex++;
console.log(`client cookie: ${isomorphicCookie.load('clientCookie', request)}`);
console.log(`server cookie: ${isomorphicCookie.load('serverCookie', request)}`);
isomorphicCookie.save('serverCookie', 'Cookie value here', {}, reply);
reply.file(path.join(__dirname, 'index.html'));
},
});
server.start((err) => {
if (err) {
throw err;
}
console.log('Server running at:', server.info.uri);
});
});
This project is under the MIT license. You are free to do whatever you want with it.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.