JS or jQuery sessions

5

Is there any way to use sessions in js or jquery? I would like to do something like the php sessions.

    
asked by anonymous 19.03.2015 / 13:49

3 answers

7

There is no safe way to do this on the client side.

You can create a Cookie but it is a limited and insecure tool. Cookie allows a string with chaves->valores but can be modified by the user or other applications.

You can also use the Localstorage API which is a relatively new API:

localStorage.setItem('lastname','Smith'); // gravar
Storage.removeItem('lastname');           // apagar a entrada "lastname"
Storage.clear();                          // apagar tudo o que está no local storage
alert(localStorage.getItem('lastname'));

and thus save data. But it is also insecure since the user or another application can change that content.

You can read more about the API here . p>     

19.03.2015 / 14:07
4

There are several ways to keep information in JS:

  • Cookies : the oldest and most common form . Easy to set a variable, but requires a bit of extra code to get or remove. It has space limit and is sent together in the requests to the server. It is through cookies that PHP retains the id of the user's session.

  • WebStorage : introduced with HTML5. It has a much higher storage limit than cookies, as well as a simpler interface for use. It is subdivided into two types: sessionStorage (holds the data only for the window where it was created and is lost when it is closed) and localStorage (holds the data for all windows and has no expiration date, only being removed by code or directly by the user).

  • IndexedDB : used primarily for larger data storage. It has no storage limit, but some browsers ask for user permission after reaching a certain amount (usually 50Mb). It works asynchronously, a benefit for application performance and a complicator for coding, although with js we have become accustomed to asynchronism. To facilitate coding, you can use a framework, such as pouchDB .

  • WebSQL : works as one SQL database. It is the specification prior to IndexedDB and is no longer maintained by W3C.

For your case, I believe the best alterative is to use the localStorage, but it is up to you to evaluate the needs of the application.

    
19.03.2015 / 15:00
2

You can use Cookies if your application does not store much information besides the fact that you should pay particular attention to the security and how you will store this information, since using cookies the data is on the client side and for this to verify and validate the data for each request is never too much.

As an alternative, you can also use localStorage which also stores the data on the client side and offers more advantages, such as larger storage space, no expiration date, and an extremely simple API to use.

Note: PHP's SESSION'S are stored in a NO SERVER folder defined in php.ini , however for PHP identify SESSION it uses session-id is stored in cookie and is sometimes found in the url's of some applications (usually found as paramparser called PHPSESSID).

You can check this behavior using Google Chrome and by looking under the Resources tab on a site that uses sessions.

    
19.03.2015 / 14:16