Logo

dev-resources.site

for different kinds of informations.

Best DX for cookies on localhost

Published at
1/17/2024
Categories
dx
cookies
localhost
Author
sibelius
Main Article
https://dev.to/woovi/best-dx-for-cookies-on-localhost-51bp
Categories
3 categories in total
dx
open
cookies
open
localhost
open
Author
8 person written this
sibelius
open
Best DX for cookies on localhost

Introduction

Cookies are still the most recommended way to handle authentication in web applications.
Furthermore, they can be tricks to get it right and to make it work on localhost, staging, and production with the same code.

Setting Cookies

Your backend needs to set the cookies after the log-in, and it also needs to remove the cookies after the log-out.

To set a cookie in the backend you can do something like this:

const domain = null;

const secure = !['development', 'test'].includes(config.NODE_ENV);

const sameSite = config.APP_ENV === 'development' ? 'Lax' : 'Strict';

const options = {
  httpOnly: true,
  overwrite: true,
  maxAge,
  secure,
  domain,
  signed: true,
  sameSite,
};

koaContext.cookies.set(cookieName, token, options);
Enter fullscreen mode Exit fullscreen mode

We are using koa to set cookies, but it can be any node framework, and the concept would be the same in other programming languages and frameworks.

Let's dive into the cookies options:

  • httpOnly: specific that this cookie can't be read by JavaScript, this is a security measure and it is recommended
  • overwrite: it will override existing cookie with the same name
  • maxAge: it sets an expiration date for the cookie, a short expiration time is good for security
  • secure: it only sends the cookies in TLS connections
  • domain: specific what domain can accept this cookie
  • signed: it ensures the value was not tampered
  • sameSite: it defines if the cookie should send in a cross-site request.

Making cookies work on localhost

Commonly, your backend server will run in a port, like http://localhost:5001 and your frontend will run in another port http://localhost:8003.
If a different port is interpreted as a different domain in your browser, then you can't set cookies from 5001 to 8003.
To make cookies work in localhost, we can use a proxy on the front end.
We can do this using our webpack config:

const config = {
  devServer: {
    proxy: {
      '/graphql': `http://localhost:5001`,
    },
  },
}
Enter fullscreen mode Exit fullscreen mode

This will proxy http://localhost:8003/graphql requests to http://localhost:5001/graphql, enabling cookies to work in your localhost.

To Sum Up

To provide the best DX you need to work end to end to ensure both the backend and frontend are tweaked to support the developer's workflows.
Right now cookies are so easy to use that we even forget that we migrated from local storage a few years ago.

If you are still using local storage to save your authentication tokens, I recommend you migrate to cookies.

Woovi
Woovi is a Startup that enables shoppers to pay as they like. To make this possible, Woovi provides instant payment solutions for merchants to accept orders.

If you want to work with us, we are hiring!

Photo by Vyshnavi Bisani on Unsplash

cookies Article's
30 articles in total
Favicon
Cookies auto clearing after browser refresh issue , CORS related express cookies issue
Favicon
Understanding Cookies in Rails: A Developer's Guide
Favicon
Understanding JWT Tokens vs. Session Cookies: The Best for Web Authentication
Favicon
How to use Cookies in Postman?
Favicon
Comprehensive Guide to Cookies in JavaScript
Favicon
Understanding Cookies: What They Are, How They Work, and Why They Matter for Your Privacy
Favicon
What Cookies are Important for Privacy?
Favicon
Making the most annoying cookie banners we could think of 🍪🤬
Favicon
The Most Annoying Cookie Banner Ever Hackathon 🤬🍪
Favicon
How to Set Up User Cookies and Connect Google Analytics in Your React App
Favicon
Cookie Consent Headaches Across Subdomains
Favicon
Hacking Cookies and PWA on Ubuntu
Favicon
Third-Party Cookies Are Gone (Or Not). How Can I Still Embed Cross-Site Apps?
Favicon
🍪 Cookies - A humbling auth experience
Favicon
Javascript Ls/ss/cookies
Favicon
Contextual Targeting vs Cookies: Who will win in 2024?
Favicon
Javascript Ls/ss/cookies😎
Favicon
Introduction to JWT and Cookie storage
Favicon
Demystifying Session-Based Authentication: Your Angular Roadmap
Favicon
How to persist client-side preferences on the client in Svelte (w/o DB)
Favicon
Cookies in Depth using Javascript and NodeJs
Favicon
Cross-Domain Tracking Implementation
Favicon
Double chocolate chip cookie
Favicon
Mastering Authentication & Authorization: Exploring Identity Framework with .NET 8 and Migrations
Favicon
Elixir - Simple Req Cookie Jar
Favicon
Limitations of Cookies
Favicon
Cookies vs Session Storage vs Local Storage
Favicon
Best DX for cookies on localhost
Favicon
Understanding Cookies and Sessions in Node.js
Favicon
Cookies

Featured ones:

Favicon
Open
abubakersiddique761
Favicon
Open
0x3d_site
Favicon
Open
0x2e_tech
Favicon
Open
0x4c-quest
Favicon
Open
gittech