• Web

Introduction: Session Cookies

From the class:  Session Cookies

In the class "How the Web Works," you saw how cookies give us the ability to maintain state across multiple HTTP requests. Well, in this class, I want to take that idea further and talk to you about something called session. It's how we enable authentication, and also how we uniquely identify a user over multiple HTTP requests, and also possibly over a long period of time.

The way I'm going to do that is by building up a simple session system from scratch. It's not going to be the world's best implementation of a session system, but I'm hoping that it will show you the concepts that are involved in implementing session. That way, regardless of whatever HTTP application framework you're using, like Rails or Express, you'll understand the concepts involved in session. And then, if you need to pick libraries to enable different functionalities of session, you'll know what you're picking.

I'm going to be building up this application in JavaScript running on Node.js. But the concepts that we're going to be studying apply to all the HTTP frameworks-- whether it's Ruby and Rails, or Python and Django, or Express and Node.js-- it's all the same. It'll be helpful to know a little bit of JavaScript to follow along, but it's not required.

The reason I'm choosing Node.js instead of, say, doing this in Ruby, or some other language and some other runtime, is because it's really easy to create an HTTP server in Node.js. And all we have to do is to fill in this function, and we can handle the response to the client right here. I'm not going to be pulling in any other libraries beyond just a few minimal things, and you can see those up here. And that's so that you can see firsthand what's required to do this, without hiding any of the implementation details.

To run the sample application, you'll need Node.js installed, of course. And just type npm start. That'll boot up the server, and it'll be listening on port 3000. If you're already familiar with Node.js and JavaScript, you might be wondering what this is. This is a program called nodemon that's going to run the server and restart it automatically if any of the files change. So it'll be much easier for us to work and not having to worry about continually restarting the server.

Down in the bottom console, we can curl this server, just to make sure that it's running properly. And I'll use the capital I option to say I just want to get the headers. I don't need to see the HTML body of the response. And just like always, we can curl localhost 3000 and see the headers that come back right here.

As always, pre-req's, I'll put down in the body of the post, so take a look for that. Or any additional materials I think that might be helpful, I'll put down there as well. And over in the Materials section, you'll find the source code for the class, along with the transcript and keyboard shortcuts. And as always, if you really enjoy something, please share it with your friends. All right, let's get into it.