Here’s What’s New From The NodeJS – FoalTS – Version 2.2 Update


Author profile picture

@loicpoullainLoïc Poullain

Fullstack developper. Creator of FoalTS.

Version 2.2 of Foal has been released! Here are the improvements that it brings.

Authentication Improvement for Single-Page Applications (SPA)

When building a SPA with cookie-based authentication, it can sometimes be difficult to know if the user is logged in or to obtain certain information about the user (

isAdmin

, etc).

Since the authentication token is stored in a cookie with the

httpOnly

directive set to

true

(to mitigate XSS attacks), the front-end application has no way of knowing if a user is logged in, except by making an additional request to the server.

To solve this problem, version 2.2 adds a new option called

userCookie

that allows you to set an additional cookie that the frontend can read with the content you choose. This cookie is synchronized with the session and is refreshed at each request and destroyed when the session expires or when the user logs out.

In the following example, the

user

cookie is empty if no user is logged in or contains certain information about him/her otherwise. This is particularly useful if you need to display UI elements based on user characteristics.

Server-side code

function userToJSON(user: User|undefined) {
  if (!user) {
    return 'null';
  }

  return JSON.stringify({
    email: user.email,
    isAdmin: user.isAdmin
  });
}

@UseSessions({
  cookie: true,
  user: fetchUser(User),
  userCookie: (ctx, services) => userToJSON(ctx.user)
})
export class ApiController {

  @Get('/products')
  @UserRequired()
  async readProducts(ctx: Context) {
    const products = await Product.find({ owner: ctx.user });
    return new HttpResponseOK(products);
  }

}

Cookies

Client-side code

const user = JSON.parse(decodeURIComponent(/* cookie value */));

New Look of the

createapp

Command

The output of the

createapp

command has been prettified to be more “welcoming”.

Support of Nested Routes in

foal generate|g rest-api <name>

Like the command

g controller

,

g rest-api

now supports nested routes.

Let’s say we have the following file structure:

src/
 '- app/
  |- controllers/
  | |- api.controller.ts
  | '- index.ts
  '- entities/
    |- user.entity.ts
    '- index.ts

Running these commands will add and register the following files:

foal generate rest-api api/product --auth --register
foal generate rest-api api/order --auth --register
src/
 '- app/
  |- controllers/
  | |- api/
  | | |- product.controller.ts
  | | |- order.controller.ts
  | | '- index.ts
  | |- api.controller.ts
  | '- index.ts
  '- entities/
    |- product.entity.ts
    |- order.entity.ts
    |- user.entity.ts
    '- index.ts

Previously published at https://foalts.org/blog/2021/02/25/version-2.2-release-notes

Tags

Join Hacker Noon

Create your free account to unlock your custom reading experience.

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *