Utilizing req.session in an Express application with Angular (written in TypeScript) when deploying the backend and frontend separately on Heroku

Question

Utilizing req.session in an Express application with Angular (written in TypeScript) when deploying the backend and frontend separately on Heroku

I'm currently facing an issue where I am unable to access req.session from my Express app in Angular. Both the backend and frontend are deployed separately on Heroku. I have already configured CORS to handle HTTP requests from Angular to my Express app.

app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", '*');
res.header("Access-Control-Allow-Credentials", true);
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header("Access-Control-Allow-Headers", 'Origin,X-Requested-With,Content-Type,Accept,content-type,application/json,X-XSRF-TOKEN,CSRF-Token,X-CSRF-Token');
next();
});

However, I am encountering difficulty in handling or retrieving the request session as it always appears empty. While I was able to retrieve the connect.sid in my Express app when making an HTTP GET request, it does not persist when another request is made in Angular. Consequently, each time the Angular app is refreshed, the session ID also gets refreshed. I require the cookie to persist so that I can utilize it for a POST request (e.g., initiating an HTTP GET request to Angular with the response being a CSRF token, followed by a subsequent POST request using the requested CSRF token for login). Since every session ID is different for each request, the CSRF token becomes invalid. All Express sessions are stored in MongoLab through the connect-mongo npm module.

app.use(session({
    secret : process.env.sessionKey,    
    httpOnly: true,
    resave : true,
    saveUninitialized: true, 
    store  : new mongoStore({ mongooseConnection: mongoose.connection }),
    cookie : { maxAge: 60 * 60 * 1000}
}));

The HTTP GET and POST methods in my Angular App are functioning correctly, indicating that CORS has been properly configured. Upon inspecting the response header when accessing the route URL ('login') in Angular to initiate the HTTP GET request, I noticed that the cookies (cookies.sid) were set in the header. However, I am unsure how to store this session ID from the cookies in order to use it for subsequent requests in the Angular app (such as logging in).

https://i.sstatic.net/N9I6r.jpg

angular typescript express-session

Answer 1

Answer №1

If you are looking to retrieve a stored cookie from the browser, simply utilize the function provided below wherever it is needed:

function fetchCookie(cname) {
  var name = cname + "=";
  var ca = document.cookie.split(';');
  for (var i = 0; i < ca.length; i++) {
    var c = ca[i];
    while (c.charAt(0) == ' ') {
      c = c.substring(1);
    }
    if (c.indexOf(name) == 0) {
      return c.substring(name.length, c.length);
    }
  }
  return null;
}

To verify the cookie's name, navigate to the Application tab within your browser's developer console. In this instance, look for connect.sid. Once identified, call the function:

fetchCookie(<cookie-name>); // You can then make use of the retrieved value.

Answer 2

If you are looking to retrieve a stored cookie from the browser, simply utilize the function provided below wherever it is needed:

function fetchCookie(cname) {
  var name = cname + "=";
  var ca = document.cookie.split(';');
  for (var i = 0; i < ca.length; i++) {
    var c = ca[i];
    while (c.charAt(0) == ' ') {
      c = c.substring(1);
    }
    if (c.indexOf(name) == 0) {
      return c.substring(name.length, c.length);
    }
  }
  return null;
}

To verify the cookie's name, navigate to the Application tab within your browser's developer console. In this instance, look for connect.sid. Once identified, call the function:

fetchCookie(<cookie-name>); // You can then make use of the retrieved value.

Utilizing req.session in an Express application with Angular (written in TypeScript) when deploying the backend and frontend separately on Heroku

Answer №1

Similar questions

Ordering a list of IP addresses using Angular Material table sorting

A guide on connecting multiple select components to a unified Angular 6+ reactive form without triggering redundant updates

Retrieving updated data from a service does not trigger a refresh of the view

Setting the base path for npm tests: A step-by-step guide

Exciting New Feature in WebStorm 2016.3: TypeScript Tooltips Inspired by VS Code!

Issue with Angular httpClient not correctly handling PHP error objects

Advancing the utilization of custom Angular input fields

Displaying Child Component in Parent Component After Click Event on Another Child Component: How to Implement Angular Parent/Children Click Events

Maintaining the essence of generics while encapsulating functions

Unexpected behavior encountered when running Angular 8 radio button checked function

Creating a personalized connect function in Typescript for react-redux applications

Tips for implementing debounce functionality in mui Autocomplete

Error: Typescript foreach loop encountering 'Expression yields void type'

What is the process of determining if two tuples are equal in Typescript?

What is the best way to add all IDs to an array, except for the very first one

Cross-origin resource sharing (CORS) restrictions in play for Dockerized Django REST and Angular

Send all Apache requests within a specified URL directory to a particular file, while directing all other requests to a different file

Struggling with defining types in NextJs when using dynamic imports in Typescript and NextJs

Having trouble incorporating a canvas created with html2canvas into the addHTML() method of jspdf

Setting up Typescript classes that inherit from one another with diverse properties for each subclass