Best practice on checking for logged in user from client side

66 views
Skip to first unread message

Bobby

unread,
Feb 3, 2012, 8:41:20 PM2/3/12
to Express
Should I set the username in the cookie and check for its existence
but examining the cookie client side, or should I send an extra ajax
request which will check to see if req.session.user is set?

vision media [ Tj Holowaychuk ]

unread,
Feb 7, 2012, 7:14:06 AM2/7/12
to expre...@googlegroups.com
depends on the app I suppose but I typically will just expose a select amount of data to the client via the rendered HTML responses, so using something like express-expose to expose a bit of info like the user name / email / role etc. Just be careful not to rely on anything, just because the user has a role of "admin" certainly wont mean they're really an admin


--
You received this message because you are subscribed to the Google Groups "Express" group.
To post to this group, send email to expre...@googlegroups.com.
To unsubscribe from this group, send email to express-js+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/express-js?hl=en.




--
Tj Holowaychuk
Vision Media
President & Creative Lead

Bobby Chambers

unread,
Feb 9, 2012, 12:46:42 PM2/9/12
to expre...@googlegroups.com
Thank you for the reply. I am new to this community, formerly of python pylons/pyramid frameworks. I just wanted to say that I commend the energy you put in and your help to make this community the vibrant, energetic, refreshing experience that it is.  

Ivoszz

unread,
Feb 12, 2012, 11:37:48 AM2/12/12
to expre...@googlegroups.com
It is nice, I missed this module. But I am not sure how to use it to expose complex objects to client. I need to expose this variable, e.g.:
var dataArray = [{x: 1, y:2}, {x:2, y:3}, {x:3, y:4}, ...]; , in script section. I just wanted to ask you how to do it in plain Jade (or maybe with your module), I am still struggling with it. Now I am doing it stringyfying to JSON string on server, putting it into Jade view and encode it back on client, but this is very ugly solution.  

Thanks for any advice.

2012/2/9 Bobby Chambers <bobby.ch...@gmail.com>
Reply all
Reply to author
Forward
0 new messages