# Session & cookies
Ts.ED provides two decorators to get and values in your controller.
# Installation
Before using the Session and Cookies, we need to install a module like express-session but you can use another module which follows the same convention.
npm install --save express-session
WARNING
The default server-side session storage, MemoryStore, is purposely not designed for a production environment. It will leak memory under most conditions, does not scale past a single process, and is meant for debugging and developing.
For a list of stores, see compatible session stores.
# Configuration
Edit your Server and add these lines:
import {Configuration, Inject, PlatformApplication} from "@tsed/common";
import "@tsed/platform-express";
import * as bodyParser from "body-parser";
import * as compress from "compression";
import * as cookieParser from "cookie-parser";
import * as session from "express-session";
import * as methodOverride from "method-override";
@Configuration({})
export class Server {
@Inject()
app: PlatformApplication;
public $beforeRoutesInit(): void | Promise<any> {
this.app
.use(cookieParser())
.use(compress({}))
.use(methodOverride())
.use(bodyParser.json())
.use(bodyParser.urlencoded({
extended: true
}));
this.app.raw.set("trust proxy", 1); // trust first proxy
this.app.raw.use(session({
secret: "keyboard cat",
resave: false,
saveUninitialized: true,
cookie: {secure: true}
}));
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Usage
# Session
import {BodyParams, Controller, Get, Post, Session, Status} from "@tsed/common";
@Controller("/")
export class MyCtrl {
@Get("/whoami")
whoAmI(@Session() session: any) {
console.log("User in session =>", session.user);
return session.user && session.user.id ? `Hello user ${session.user.name}` : "Hello world";
}
@Post("/login")
@Status(204)
login(@BodyParams("name") name: string, @Session("user") user: any) {
user.id = "1";
user.name = name;
}
@Post("/logout")
@Status(204)
logout(@Session("user") user: any) {
user.id = null;
delete user.name;
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# Cookies
import {Controller, Cookies, Post} from "@tsed/common";
import {IUser} from "./interfaces/IUser";
@Controller("/")
class MyCtrl {
@Post("/")
getCookies(@Cookies() cookies: any) {
console.log("Entire cookies", cookies);
}
@Post("/")
getIdInCookies(@Cookies("id") id: string) {
console.log("ID", id);
}
@Post("/")
getObjectInCookies(@Cookies("user") user: IUser) {
console.log("user", user);
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# Initialize session
Sometimes we want to be sure that the session is correctly initialized with the right values.
Let's start by creating a middleware CreateRequestSessionMiddleware in middlewares directory:
import {Middleware, Req} from "@tsed/common";
@Middleware()
export class CreateRequestSessionMiddleware {
use(@Req() request: Req) {
if (request.session) {
request.session.user = request.session.user || {
id: null
};
}
}
}
2
3
4
5
6
7
8
9
10
11
12
Then, add this middleware on the server:
import {PlatformApplication} from "@tsed/common";
import {Configuration, Inject} from "@tsed/di";
import "@tsed/platform-express";
import * as bodyParser from "body-parser";
import * as compress from "compression";
import * as cookieParser from "cookie-parser";
import * as session from "express-session";
import * as methodOverride from "method-override";
import {CreateRequestSessionMiddleware} from "./middlewares/CreateRequestSessionMiddleware";
@Configuration({})
class Server {
@Inject()
app: PlatformApplication;
public $beforeRoutesInit(): void | Promise<any> {
this.app
.use(cookieParser())
.use(compress({}))
.use(methodOverride())
.use(bodyParser.json())
.use(bodyParser.urlencoded({
extended: true
}));
this.app.raw.set("trust proxy", 1); // trust first proxy
this.app.raw.use(session({
secret: "keyboard cat", // change secret key
resave: false,
saveUninitialized: true,
cookie: {
secure: false // set true if HTTPS is enabled
}
}));
this.app.use(CreateRequestSessionMiddleware);
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
Finally, you can read and write values in your controller:
import {BodyParams, Controller, Get, Post, Session, Status} from "@tsed/common";
@Controller("/")
export class MyCtrl {
@Get("/whoami")
whoAmI(@Session() session: any) {
console.log("User in session =>", session.user);
return session.user && session.user.id ? `Hello user ${session.user.name}` : "Hello world";
}
@Post("/login")
@Status(204)
login(@BodyParams("name") name: string, @Session("user") user: any) {
user.id = "1";
user.name = name;
}
@Post("/logout")
@Status(204)
logout(@Session("user") user: any) {
user.id = null;
delete user.name;
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
In addition, you can add integration tests with SuperTest and @tsed/testing package.
Here is an example of Rest API test:
TIP
You can find a working example on Express Session here.
← Examples Passport.js →
- Session & cookies
- Passport.js
- TypeORM
- Mongoose
- GraphQL
- Socket.io
- Swagger
- AJV
- Multer
- Serve static files
- Templating
- Throw HTTP Exceptions
- Customize 404
- AWS
- Jest
- Seq
- Controllers
- Providers
- Model
- Converters
- Middlewares
- Pipes
- Interceptors
- Authentication
- Hooks
- Injection scopes
- Custom providers
- Custom endpoint decorator
- Testing