02. Session Storage/01. Cookie Session Storage (πŸ’ͺ problem)

Cookie Session Storage

πŸ‘¨β€πŸ’Ό We're not talking about window.sessionStorage here. We're talking about storing information about the current session. For this feature, we want to be able to show the user a toast notification when they delete a note. And we'll want our solution to be generic enough to use for other notifications in the future.
We could definitely use one of many React libraries to accomplish this, but we're going to go OG with the web and use cookies. The idea is in our action for the deletion, we'll set a cookie that has the message we want to show. And then the root loader will read that cookie and send the data along to the UI where we'll display the toast notification.
πŸ§β€β™‚οΈ I've already implemented the UI bit for the toast notifications so you can focus on the session storage bit. Feel free to check out my work if you'd like to see what that involved.
πŸ‘¨β€πŸ’Ό Based on our requirements, we'll use Remix's createCookieSessionStorage API to create a session storage object that we can use to store and retrieve the toast information.
🐨 Please
Create app/utils/toast.server.ts
to initialize this session storage object.
🐨 Configure the cookie option with the following properties:
  • name: 'en_toast' - this is the name of the cookie that will be created and should be unique relative to other cookies on your domain ("en" is short for "Epic Notes").
  • sameSite: 'lax' - The cookie is sent with "safe" HTTP methods (like GET), and only when the request originates from the same site or when the user navigates to the URL from an external site, such as by following a link. This is a balance between security and usability, preventing the cookie from being sent with cross-site POST requests (which are often used in cross-site request forgery attacks), but still allowing the user to access content via regular navigation.
  • path: '/' - The cookie is sent for all requests on the domain.
  • httpOnly: true - The cookie is not accessible via JavaScript. This is important for security because it prevents cross-site scripting attacks from accessing the cookie.
  • secrets: process.env.SESSION_SECRET.split(',') - This is an array of secrets that will be used to sign the cookie. This is important for security because it prevents the cookie from being tampered with. It's an array so you can rotate their values over time. We are using an environment variable for the secret. So you'll need to add that to the
    .env
    file. Once you have that set, you can update
    app/utils/env.server.ts
    so you have type-safe access to that environment variable.
  • secure: process.env.NODE_ENV === 'production' - The cookie is only sent over HTTPS. This is important for security because it prevents the cookie from being sent over an insecure connection. We only want to do this in production because while some browsers are fine ignoring this on localhost, Safari does not.
With that, you can add this to export all the bits of the sessionStorage so we can use them throughout the app:
export const toastSessionStorage = createCookieSessionStorage({
	// ...
})
There's no straightforward way to test that you've got this done correctly until the next step, so you may check the diff to make sure you got it right before moving on.
← PreviousNext β†’
Edit on GitHub
problemsolutiondiffchat

Please set the playground first

Loading "Cookie Session Storage"
Loading "Cookie Session Storage"
Login to get access to the exclusive discord channel.
  • general
    Welcome to EpicWeb.dev! Say Hello πŸ‘‹
    Kent C. Dodds β—† πŸš€πŸ†πŸŒŒ:
    This is the first post of many hopefully!
    • 18
     86 Β· 2 years ago
  • general
    Modals / Dialogs
    Lucas Wargha πŸš€ 🌌:
    It seems like modals and dialogs are becoming a hot topic on my team lately. I haven’t found a solid...
    3 Β· a month ago
  • general
    epic stack website initial load at home page is unstyled (sometimes)
    osmancakir πŸš€ 🌌:
    Sometimes (especially when it is loaded first time on a new browser etc.) I see this unstyled versio...
    • βœ…1
     10 Β· 4 months ago
  • πŸ”auth
    Fetching verification from DB in the Verification section of Authentication module
    Real πŸš€ πŸ†:
    ```const verification = await prisma.verification.findUnique({ where: { target_t...
    • βœ…1
     5 Β· 2 months ago
  • general
    Resource / Api endpoints on epic stack / RR7
    Lucas Wargha πŸš€ 🌌:
    Hi everyone! Quick question for those using the Epic Stack: How are you handling resource routes ...
    • βœ…1
     2 Β· 3 months ago
  • general
    Epic stack using tanstack form
    Lucas Wargha πŸš€ 🌌:
    https://github.com/epicweb-dev/epic-stack/compare/epicweb-dev:main...wargha:feature/tanstack-form-ex...
    • βœ…1
     3 Β· 4 months ago
  • general
    Init command outdated on the EpicWeb website
    Virgile πŸ† 🌌:
    Hi everyone. I've initialized a new epic-stack project yesterday. Following instructions from http...
    • βœ…1
     3 Β· 4 months ago
  • πŸ”auth
    Roles seed
    Baghira 🌌:
    I haven't understood why we do the manual migration in for patch the permissions and roles into the ...
    • βœ…1
     2 Β· 4 months ago
  • general
    Mark as complete, resets the first time you click it.
    Daniel V.C πŸš€ 🌌:
    Not sure if anyone else has had this issue, as i've not seen anyone else talk about it, but I find ...
    • βœ…1
     8 Β· 4 months ago
  • πŸ’Ύdata
    general
    πŸ“forms
    πŸ”­foundations
    double underscore?
    trendaaang 🌌:
    What with the `__note-editor.tsx`? I don't see that in the Remix docs and I don't remember Kent talk...
    • βœ…1
     2 Β· a year ago
  • general
    Keeping Epic Stack Projects Free on Fly – Any Tips?
    Lucas Wargha πŸš€ 🌌:
    I’ve been experimenting with the Epic Stack and deploying some dummy projects on Fly. I noticed that...
    • βœ…1
     0 Β· 4 months ago
  • πŸ’Ύdata
    general
    πŸ“forms
    πŸ”­foundations
    Creating Notes
    Scott 🌌 πŸ†:
    Does anybody know in what workshop we create notes? I would like to see the routing structure. So fa...
    • βœ…1
     2 Β· 6 months ago
  • πŸ”­foundations
    πŸ’Ύdata
    general
    πŸ“forms
    πŸ”auth
    Thank you for the inspiration
    Binalfew πŸš€ 🌌:
    <@105755735731781632> I wanted to thank you for the incredible knowledge I gained from your Epic Web...
    • ❀️1
     1 Β· 7 months ago
  • general
    npm install everytime I setup a new playground
    Duki 🌌:
    Is it normal that I have to run `npm install` in my playground directory, everytime I setup the play...
    • βœ…1
     2 Β· 9 months ago
  • πŸ”auth
    The latest web-auth workshop cannot be launch
    QzCurious 🌌 πŸš€:
    I've done: 1. Remove web-auth directory 2. Follow https://github.com/epicweb-dev/web-auth?tab=readme...
    • βœ…1
     7 Β· 10 months ago
  • general
    Migration to Vite: Server-only module referenced by client
    Fabian 🌌:
    Hi, I'm working on migrating to Vite following the remix docs (https://remix.run/docs/en/main/guides...
    • βœ…1
     1 Β· a year ago
  • πŸ”auth
    Github token added on refactor of connection model exercise
    abraham_aguilera 🌌:
    Where does the newly created `GITHUB_TOKEN` come from in the `resolveConnectionData` introduced in t...
    • βœ…1
     2 Β· a year ago
  • πŸ”auth
    Potential Security Concern with Empty Session Data in createCookieSessionStorage?
    QzCurious 🌌 πŸš€:
    Since session data can be an empty object, it seems possible that someone could guess when encrypted...
    • βœ…1
     6 Β· 10 months ago
  • general
    Remix Vite Plugin
    Binalfew πŸš€ 🌌:
    <@105755735731781632> Now that remix officially supports vite (though not stable) what does it mean...
    • βœ…1
     3 Β· 2 years ago
  • general
    πŸ”­foundations
    Solutions video on localhost:5639 ?
    quang πŸš€ 🌌:
    Hi, so I'm having a hard time navigating (hopefully will be better with time) The nav on epicweb.de...
    • βœ…1
     9 Β· 2 years ago
  • πŸ”auth
    Where are we getting target_type from?
    Salym πŸš€ πŸ† 🌌:
    I don't see target_type in ur verification schema, how are we generating this?
    • βœ…1
     9 Β· a year ago
  • πŸ”auth
    Unknown file extension ".png" for ".../user.png"
    TraderDave79 🌌:
    I'm going through the `web-auth` module and in the "Require Authenticated" exercise, after making th...
    • βœ…1
     9 Β· a year ago
  • πŸ”auth
    github.com refuses to connect in workshop app
    TraderDave79 🌌:
    Web Authentication / OAuth / 02. GitHub Strategy / Problem & Solution apps, when clicking "Login wit...
    • βœ…1
     3 Β· a year ago
  • general
    Epicshop is now social and mobile friendly!
    Kent C. Dodds β—† πŸš€πŸ†πŸŒŒ:
    I'm excited to announce that now the Epic Web workshops are mobile friendly! https://foundations.ep...
    • πŸŽ‰2
     0 Β· a year ago