Set Express response headers before redirect
Setting headers wouldn't work here because a redirect will execute a new http request, you can use express-session to store the auth token and fetch it when you need it
req.session.accessToken = token
Related videos on Youtube
39 : 01
13 : 33
17 : 38
16 : 05
04 : 36
16 : 05
14 : 11
06 : 38
01 : 05
01 : 16
wkd
Updated on July 09, 2022Comments
-
wkd almost 2 years
I'm implementing a site login that takes in an email/password combo, retrieves an API token, and returns it to the user to get stored (encrypted) in localStorage.
Currently, on successful POSTing to
/login, the app redirects the user to the index page, with the token attached as a query, like so (as suggested here):login.post('/', function(req, res) { ...checking password... Auth.getToken(user, function(err, token) { res.redirect('/?token=' + token); }); });This works fine, but I'd prefer to keep my URLs as clean as possible and set the token as a header instead:
login.post('/', function(req, res) { ...checking password... Auth.getToken(user, function(err, token) { res.set('x-access-token', token); console.log(res._headers); // --> {'x-powered-by': 'Express', 'x-access-token': <token>} res.redirect('/'); }); });console.log-ingres._headersshows that the headers are set as expected, but when I logreq.headerson the request to the index page, it's not showing up:{ host: 'localhost:3000', connection: 'keep-alive', 'cache-control': 'max-age=0', accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', 'upgrade-insecure-requests': '1', 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36', referer: 'http://localhost:3000/login', 'accept-encoding': 'gzip, deflate, sdch', 'accept-language': 'en-US,en;q=0.8', cookie: 'ifusr=crwj; _ga=GA1.1.1933420201.1409901705', 'if-none-match': '"1195161647"' }Any suggestions appreciated!
-
wkd over 8 yearsSo if I don't want to use sessions, the query string is pretty much my only option for passing context to a new request?
-
Julián Duque over 8 yearsYou can with
res.render('index')but not sure if you need to trigger something in the route, if you need that yes, a querystring is your only option -
ndtreviv over 4 yearsExtra upvotes for if you show how to put the accessToken in the session...?
-
lazaruslarue over 4 yearsDouble extra upboats for you to show how to do it in
res.render('index')@JuliánDuque
