可以在浏览器中设置事件监听器来捕获从res.render返回的值吗?

huangapple go评论69阅读模式
英文:

Is it possible to set up an event listener in the browser to capture values returned from res.render?

问题

以下是您要的翻译内容:

期望的行为

我有一个使用Azure AD B2C进行登录的Node.js/Express应用程序。

我想要将从服务器端以OAuth风格返回的值返回到浏览器,并将它们保存在浏览器的Cookie中(使用js-cookie)。

我想要这样做是为了可以在各种UI功能中使用这些值。

然而,目前唯一返回浏览器的是通过res.render()(使用简单的模板引擎)的东西:

res.render('index', { page_html: my_page_html, some_other_value: 'hello' });

基本上,res.render将一个HTML文件返回到浏览器,其中包含由传递给res.render的变量替换的占位符值。

是否可能在浏览器中设置一个事件监听器来捕获从res.render返回的值?

或者,如果这不可能,是否有其他方法可以在与res.render并行进行的情况下将值“推送”到前端,以便前端代码可以处理它?

背景

在以前的项目中,我曾经从前端向后端发起Ajax请求,因此可以轻松访问从服务器返回的内容,然后可以在响应处理程序逻辑中使用并保存在浏览器的Cookie中等。

然而,在这种情况下,我正在从后端代码中执行所有的登录逻辑,因此前端到后端没有特定的请求,也没有前端的响应处理程序。

因此,我不确定如何将在后端(登录后)收到的值传递给前端。

身份验证过程遵循常见的OAuth工作流程:

  • 用户访问受保护的端点 - 在这种情况下是“根”端点(即:/
  • 用户被转发到身份提供程序进行登录(在这种情况下是Azure AD B2C)
  • 成功登录后,用户被转发到重定向URI,并在服务器端代码中接收到授权代码
  • 服务器端代码使用授权代码请求访问令牌
  • 访问令牌保存在req.session.accessToken
  • 对于后续对受保护端点的请求,如果req.session.accessToken存在,请求可以继续进行

此项目不使用任何JavaScript框架(例如React、Angular)。

英文:

Desired Behaviour

I have a Node.js/Express application that uses Azure AD B2C to login.

I want to return values returned from the server-side, OAuth style, login to the browser and save them in browser cookies (using js-cookie).

I want to do this so that I can use these values in various UI functionality.

However, the only thing that currently goes back to the browser is via res.render() (using a simple template engine):

res.render('index', { page_html: my_page_html, some_other_value: 'hello'  });

Essentially, res.render returns an html file to the browser which contains placeholder values that are replaced by the variables passed into res.render.

Is it possible to set up an event listener in the browser to capture values returned from res.render?

Or, if that is not possible, is there any other way to 'push' a value to the frontend (in parallel with res.render) so that it could be handled by frontend code?

Context

Previously, in other projects, I have made Ajax requests from the frontend to the backend and therefore had easy access to what was returned from the server, which I could then use in response handler logic and save in browser cookies etc.

However, in this instance, I am doing all my login logic from the backend code and therefore there is no specific request from frontend to backend, and no response handler in the frontend.

So I am not sure how I can pass values received in the backend (after login) to the frontend.

The authentication process follows a common OAuth work flow:

  • User hits a protected endpoint - in this case the 'root' endpoint (i.e: /)
  • User is forwarded to identity provider to login (in this case Azure AD B2C)
  • On successful login, user is forwarded to a redirect URI, and authorisation code is received in server-side code
  • Server-side code uses authorisation code to request an access token
  • Access token is saved in req.session.accessToken
  • On subsequent requests to protected endpoints, if req.session.accessToken is present, the request can proceed

This project does not use any JavaScript framework (eg React, Angular).

答案1

得分: 1

你可以通过在res.render()方法的回调中使用res.cookie()来设置响应中的cookie,然后再调用res.send()

浏览器会按预期保存该cookie,然后您可以使用js-cookie来访问它。

作为参考,您需要像这样做:

res.render('index', { /* locals */ }, function (err, html) {
  res.cookie('key', 'value');
  res.send(html);
);
英文:

You can simply set a cookie on the response by using the callback of the res.render() method and call res.cookie() inside of it before calling res.send().

The browser will save the cookie as expected, which you can then access using js-cookie.

For reference, you need to do something like this

res.render('index', { /* locals */ }, function (err, html) {
  res.cookie('key', 'value');
  res.send(html);
);

huangapple
  • 本文由 发表于 2023年1月8日 14:19:14
  • 转载请务必保留本文链接:https://go.coder-hub.com/75045867.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定