Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Express Basics

Preview

Start a free Courses trial
to watch this video

Sign up for Treehouse

Statelessness, Setting and Reading Cookies

9:41 with Andrew Chalkley and Joel Kraft

HTTP is a stateless protocol. Learn more about what that means, and how to save state.

Documentation

Further Resources for Storing State

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    In the next few videos, we'll add another page to our app. 0:00
    Weยดll add a welcome page, 0:04
    that's our form will move to after a user submits the name. 0:06
    If I enter my name here, you can see that Iยดm greeted by the app as before. 0:14
    But notice, in the address bar, we're no longer on the hello URL but the root URL. 0:20
    The app has moved me to the welcome page. 0:28
    When I'm ready, I can click on the Goodbye button, which is actually another form. 0:31
    And then I'm ushered back to the hello page. 0:37
    This is a little closer to how forms normally work. 0:42
    When you submit them, you are often moved to another page, 0:46
    though what page will depend on your app. 0:51
    To learn how to implement this feature we need to talk a little more about HTTP. 0:54
    HTTP is called a stateless protocol. 1:01
    This fundamental principle of HTTP means that 1:04
    the server doesn't track the relationship between one request and another. 1:07
    Each transaction with a server is independent and 1:11
    unrelated, at least from the server's perspective. 1:15
    Here's a simple example to help you think about state. 1:19
    Consider a web form, as you fill it out, you set the text, 1:22
    check boxes, and other inputs to hold information. 1:27
    The information you enter is the state of the form. 1:31
    You've probably have the experience of setting the state of a form of filling it 1:35
    out and accidentally refreshing the page or hitting the back button. 1:39
    As you probably know, the form will be clear when it reappears and 1:44
    you have to fill it in all over again. 1:49
    In fact, each time you visit the form, it's the same empty form. 1:52
    It doesn't remember your name, address, or 1:57
    any other information that you may have told it in the past. 2:00
    You always have to put that information back in. 2:04
    That's because forms don't retain the state between refreshes, or 2:07
    at least by default. 2:11
    Clients and servers have stateless interactions. 2:13
    A server retains no memory of the client after sending a response, 2:16
    no matter how recently or often they interact. 2:21
    This means a client has to send complete information to the server every time it 2:24
    makes a request. 2:29
    Tracking state often takes a lot of architecture and memory. 2:31
    So by avoiding it altogether, the web has been able to grow to a massive scale. 2:34
    But sometimes applications need to remember previous interactions. 2:41
    In other words, sometimes we need to save the state of a request and 2:46
    remember it later. 2:51
    For example, consider an online shopping cart. 2:53
    When you put something into your cart, 2:57
    you want it to stay there even if you visit another product page. 2:59
    With a purely stateless system, your cart would be always empty. 3:04
    You need some way of tracking your purchases. 3:09
    One of the earliest and still most common methods for 3:12
    saving states on the web is a cookie. 3:15
    A cookie is a piece of data that the service stores on the client, for 3:19
    example, in your web browser. 3:22
    After receiving the cookie information from the server, when the client makes 3:25
    another request of the server, the client sends the cookie information too. 3:28
    It will even send other cookies that have been previously set perhaps by other web 3:34
    pages on that site. 3:38
    This way, the client can remind the server of 3:40
    any information it should hand back in its response. 3:43
    So for example, when a user puts some item into the cart, 3:47
    the server writes an item into a cookie. 3:51
    And it hands it back to the client in the response. 3:55
    The next time the client sends a request, it includes the cookie. 3:58
    This way the server can continue to include the item in the cart. 4:03
    One more note about cookies. 4:08
    They are stored in your browser by domain. 4:10
    This means that one domain cannot access another domain's cookies. 4:13
    For example, Netflix can't see cookies set by Amazon or vice versa. 4:17
    The cookies stored by that domain are private to that domain. 4:23
    Let's see how to use cookies to remember our app's current user. 4:28
    We can use the cookie method on Express's response object. 4:34
    The cookie method takes a name and a value. 4:39
    You can also pass in an options object as a third parameter. 4:45
    All the options you can use are listed in the table below. 4:51
    Further down, there is some code examples. 4:54
    Our use case is pretty simple, so we'll just use the first two arguments. 4:57
    In the app.js file, 5:04
    let's set the cookie when the user submits the form to the post route. 5:05
    We'll call the name, the string of username. 5:12
    This will send a cookie to the browser after we submit the form. 5:25
    Let's go to the browser now and open up DevTools, if you haven't already. 5:29
    This is where we can see if the cookie is set. 5:34
    In the application tab, on the left-hand side, we have Cookies. 5:38
    Right now, we have no cookies for this site. 5:45
    If I refresh the form, And 5:49
    enter my name, and hit Submit. 5:54
    You can see the cookie is now set. 6:00
    Now the browser will automatically send this cookie with every request it makes. 6:03
    At this point though, our app isn't reading the cookie it's getting back. 6:11
    Let's read the cookie and 6:16
    share the user's name when the user makes a get request to this route. 6:18
    To read the cookie from the request, 6:23
    we need the cookie's property on the request object. 6:26
    Looking at the documentation, we'll need another piece of middleware 6:30
    that reads the cookies, called cookie-parser. 6:35
    After we connect the cookie-parser middleware, 6:39
    we can read cookies much the same way as we did with the request 6:42
    body parameter earlier to read the form data. 6:46
    Let's go to the console and install cookie-parser. 6:51
    Then I'll add it to the app.js file like I did the body-parser. 7:00
    Cookie-parser is simpler to add though. 7:14
    I can just call the function directly and provide it to the app. 7:18
    Now down in the get hello route, we can provide it to the template as a variable. 7:26
    Just like we did in the post routes. 7:32
    This time though, we're going to read it out of the cookie we've just set. 7:35
    Let's see what happens in the browser. 7:44
    If we send a fresh get request to the hello URL, we get the greeting. 7:47
    So our app is reading the cookie correctly. 7:54
    Just to drive the point home, I'll open up a second tab, 7:57
    going to the same URL, and we get the greeting too. 8:03
    I'll close this tab now. 8:08
    Let's clear the cookie from the browser's cookie store. 8:10
    If we open up the DevTools and 8:14
    go back to the cookies page, I can clear the cookies with this button. 8:15
    Again, I'll send a get request. 8:20
    Now when I refresh the app, I get the form. 8:25
    I enter into it a new name, And get a greeting. 8:29
    Again, I'll send another get request, 8:35
    And I get the new name in this greeting. 8:44
    Keep in mind that cookies are just one way to save states and 8:47
    it's one of the simpler ways that are available to developers. 8:53
    Databases and other different browser storage called session storage 8:57
    are examples of other commonly used ways to save state. 9:02
    We will get into those in this course but check the Teacher's Notes for 9:06
    more if you're interested. 9:10
    Just another note about cookies. 9:13
    It's best not to store sensitive data in them because they're in plain text. 9:15
    So don't save passwords or credit card information. 9:21
    Great, we have successfully saved state with our app. 9:25
    At this point, there's no way to clear the cookie without using DevTools, 9:29
    that's okay. 9:33
    I'll show you how to do that in the next video, as well as, 9:34
    how to redirect your users to different routes in your app. 9:37

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up