search

unjs / unstorage

💾 Unstorage provides an async Key-Value storage API with conventional features like multi driver mounting, watching and working with metadata, dozens of built-in drivers and a tiny core.
https://unstorage.unjs.io
MIT License
1.85k stars 137 forks source link

New driver: cookie #238

Open salomonsanz opened 1 year ago

salomonsanz commented 1 year ago

Describe the feature

Some frameworks (such as Laravel) have a "cookie" option as a storage driver. It consists of a cookie that contains an encrypted json with all the session data. This is very convenient because it does not require external systems (redis, etc) only node itself.

This functionality would be great, it is very convenient for development environments as well.

agracia-foticos commented 1 year ago

Please same request!

Hebilicious commented 1 year ago

@salomonsanz Unstorage is framework agnostic so I don't think we can have a cookie driver without coupling it to a web framework. Or do you mean using unstorage in the browser instead of document.cookie ? What is your use case exactly ? You might be able to accomplish this with a custom driver.

salomonsanz commented 1 year ago

I think it can be framework agnostic. I am developing a site with nuxt3 with the sidebase/nuxt-session module. This module uses unjs/unstorage, and I miss the cookie option, to store and handle the session data in a cookie, to avoid external infrastructure like Redis, Azure, etc.

Cookie driver fits perfectly for node, because if I use the node filesystem driver, it generates too much files in the server, which is tedious to manage the persistence in docker, it requires to oversize the docker and watch that the disk does not become full, routine cleaning, etc.

On the other hand, cookies are stored in the client browser, and are sent in every request to the server, so the server only has to decrypt and parse the cookie. Maybe I'm missing something, but if not, is a win-win.

maou-shonen commented 1 year ago

Even if we set aside reasons like best practices and security concerns, I think the limitation of a 4KB storage capacity alone is enough reason for me to not recommend using cookies as a driving.

salomonsanz commented 1 year ago

All drivers have their own limitations, localStorage and sessionStorage also have 4MB of limit, depends on the use you make of it. For example, to store session data (my use case), 4kb is more than enough

Hebilicious commented 1 year ago

I think it can be framework agnostic. I am developing a site with nuxt3 with the sidebase/nuxt-session module. This module uses unjs/unstorage, and I miss the cookie option, to store and handle the session data in a cookie, to avoid external infrastructure like Redis, Azure, etc.

Cookie driver fits perfectly for node, because if I use the node filesystem driver, it generates too much files in the server, which is tedious to manage the persistence in docker, it requires to oversize the docker and watch that the disk does not become full, routine cleaning, etc.

On the other hand, cookies are stored in the client browser, and are sent in every request to the server, so the server only has to decrypt and parse the cookie. Maybe I'm missing something, but if not, is a win-win.

Every http framework has a different API to manipulate cookies on the server though, so this isn't straightforward. You could make a H3-cookie-driver since that's the one Nuxt uses, and that would work with the sidebase module... But isn't the session already stored in a cookie in that module ?

salomonsanz commented 1 year ago

Is a good idea to create a h3-cookie-driver, I hadn't realized that you can't manage cookies natively in node. Thank you @Hebilicious