[Spike] Cookie Parsing

[tabazevedo]

• [x] Client-side setting of cookies
• [x] Server-side setting of cookies
• [x] Parse cookies in form processing

The premise of this is that cookies live in your app state.

Calling

app-state.get('cookies.user').update(function(){
  return {
    value: 'person',
    options: {
      httpOnly: true,
      secure: true
    }
  };
});

from anywhere will set cookies for that environment. When done server-side, it will tell the client to keep that cookie header. Options adhere to RFC6265 (uses https://github.com/expressjs/cookie-parser and https://github.com/jshttp/cookie behind the scenes)

The cookies state piece is populated on the server from client cookie headers and the app can access them that way.

To clear/unset a cookie: app-state.get('cookies.user').update(function(){ return null });

Also fixed in this:

• Form processing breaking when on-change handler not present (e.g. hidden input field)
• Route observables not being called server-side (for both form processing and SSR)

[charypar]

:heart: this is brilliant.

[charypar]

I'm now thinking we could change the redirect API to go through updating the route path in app-state instead of a special API call... :)

I'm a little worried about creating a massive state schema for these things though... Need to be careful with the balance.