Express Cookies
Overview
Have you ever thought about how a website can give you a user-friendly experience? What are cookies and how do they work? Should you accept or reject them?
Cookies are small text files that store your information. They are present on your laptop, computer, or mobile phone. Many websites use cookies to provide a better user experience, but cookies can also be used to track your activities.
What are Cookies?
When a user browses a website, the website sends a small unit of information that is stored in the web browser. This unit of information is known as a cookie. A cookie can be accessed either through the web server or the client's computer. When the user returns to the website, the web browser sends the data back to the website so that it can recognize the user. Cookies are also used to track the user's activities and web content preferences.
Uses of HTTP Cookies
HTTP cookies are small text files that are used by websites to store information on a user's computer or mobile device. Cookies have many different uses, including:
- Session management: Express cookies keep users logged in as they navigate a website. When a user logs into a website, a cookie is created that allows them to stay logged in as they navigate the site. This means that the user doesn't have to keep logging in every time they move to a new page on the website.
- Tracking: Express cookies can be used to track a user's activity on a website, which can be used for analytics or targeted advertising. This can be a controversial use of cookies, as some users may feel that their privacy is being invaded.
- Authentication: Express cookies can also be used for authentication. For example, a website might use cookies to remember that a user has already entered their login credentials, so they don't have to re-enter them every time they visit the site. This can help protect the user's account from unauthorized access.
How do Cookies Work?
Express cookies are small files that are stored on a user's computer or mobile device when they visit a cookie-enabled website. When a user visits a website for the first time, the browser prompts them to accept cookies. Once accepted, the server sends a cookie to the user's browser, which is stored on their device.
The next time the user visits the website or sends another request, the express cookie is sent back to the server along with the request. The server uses the information stored in the cookie to remember the user's preferences and keep track of their activity on the website.
For example, when a user logs into Facebook or Instagram, the server sends a cookie to the user's browser, which is stored on their device. The next time the user visits Facebook or Instagram, the cookie is sent back to the server, and the server remembers the user's login session, keeping them logged in.
The Main Difference Between a Session and a Cookie
A session is a way for a website to keep track of a user's activity as they move around the site. When a user logs in, a unique session ID is generated and stored on the server. The session ID is used to associate the user's activity with their login. Sessions are stored on the server and are deleted when the user logs out or when the session times out.
A cookie is defined as a simple text file that is stored on the user's device. Cookies are often used to store user preferences or settings, such as their language preference or their preferred layout. Cookies can also be used for tracking and authentication purposes. Cookies are stored on the user's device and can persist even after the user has closed their browser.
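The exchange described above, as an added example that is not code from the original page: the server keeps the session data and sends only a random session ID in a cookie, which the browser echoes back on later requests. The cookie name sid, the 30-minute timeout and the user names are assumptions, and the request and response headers are constructed inline.

```javascript
const { randomBytes } = require('crypto');

const SESSION_TTL_MS = 30 * 60 * 1000;   // assumed 30-minute timeout
const sessions = new Map();              // server side: sid -> { user, expiresAt }
const ATTRS = 'Path=/; HttpOnly; Secure; SameSite=Lax';

// Login: store the session on the server, return the Set-Cookie header value.
function login(user, now = Date.now()) {
  const sid = randomBytes(32).toString('hex');   // unguessable session ID
  sessions.set(sid, { user, expiresAt: now + SESSION_TTL_MS });
  return `sid=${sid}; ${ATTRS}`;
}

// Parse a Cookie request header ("a=1; b=2") into a name -> value map.
function parseCookieHeader(header = '') {
  const jar = Object.create(null);       // no inherited keys such as "toString"
  for (const pair of header.split(';')) {
    const eq = pair.indexOf('=');
    if (eq < 0) continue;                // skip malformed pairs
    const name = pair.slice(0, eq).trim();
    if (name && !(name in jar)) jar[name] = pair.slice(eq + 1).trim();
  }
  return jar;
}

// Later request: map the cookie the browser sent back to the stored session.
function currentUser(cookieHeader, now = Date.now()) {
  const sid = parseCookieHeader(cookieHeader).sid;
  const session = sid ? sessions.get(sid) : undefined;
  if (!session) return null;             // unknown or missing ID
  if (session.expiresAt <= now) {        // session timed out
    sessions.delete(sid);
    return null;
  }
  return session.user;
}

// Logout: delete the server-side session and tell the browser to drop the cookie.
function logout(cookieHeader) {
  sessions.delete(parseCookieHeader(cookieHeader).sid);
  return `sid=; Max-Age=0; ${ATTRS}`;
}

// Constructed exchange: the browser sends back only the name=value part.
const setCookie = login('alice');
const echoed = setCookie.split(';')[0];
console.log('Set-Cookie:', setCookie);
console.log('Cookie:', echoed, '->', currentUser(echoed));
console.log('Set-Cookie:', logout(echoed), '->', currentUser(echoed));
```

The cookie carries only the identifier, so deleting the server-side entry ends the session even if a copy of the cookie still exists somewhere.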
Import Cookie-parser Into Your App
We can import cookie-parser in our app by installing the following NPM package:
After installation, we need to import cookie-parser in our code.
Express.js Cookies Example
Adding a Simple Cookie
To use cookies with Express, we use the cookie-parser middleware. It parses the cookies attached to the client request object.
To set new cookies, we define a route using app.get(), which routes HTTP GET requests to specific callback functions. We also use res.send(), which sends the HTTP response.
To check whether the cookie is set, open the browser window, click console, and enter:
Adding Cookies With Expiration Time
To add an Express cookie, we use res.cookie(). It sets a cookie with a name (name) and a value (value) that is sent along with the response.
Syntax
We can add cookies with an expiration time in our app. There are two ways of adding cookies with expiration times:
- We can pass an options object with the expires property set to the time at which we want the cookie to expire. For example,
- We can use the maxAge property to set the relative time instead of the absolute time. For example,
Deleting Existing Cookies
Express cookies can be deleted from the browser depending on the request the user makes. When cookies are used for login purposes and the user logs out, the request is made through a delete command.
Example
We use res.clearCookie() to clear cookies. After executing the following code snippet, if we open http://localhost:5000/remove, we will see that the cookies are deleted.
Conclusion
- Cookies are small text files that store user preferences and information.
- Some of the major uses of Cookies are Session Management, Personalization, Tracking, and Authentication.
- Express cookies have an expiration time that can be set when they are created. If the time is not set, the cookie is deleted when the user closes their browser.
- You can use the cookie-parser middleware to access the user's cookie values from the req.cookies object in the request handlers.
- Some rules are applied to ensure cookies are used appropriately and to protect user privacy. These regulations limit the type of data cookies can collect from users.