0

I use NodeJS Domains to store request-level data specific to the current request--the user, the client, and the security authorizations. This data is set when the request starts and is used throughout the many levels of calls to enforce security and limit data scope.

Our most common workflow is like this:

server.js       // inject security info into domain here
*-api.js        // express request/respose handler, translate req/res to/from objects
*-controller.js // perform business actions, validation, non-db related stuff
*-data.js       // load/persist to database as needed

The server.js and *-api.js levels have access to the request which has the user info in the session. Beyond that the only way to get it is to have it either stashed in the domain, or pass it along from one call to the next through possible a dozen callbacks.

Now that Domains are deprecated, is there any alternative way to make security data present across the call structure without modifying all methods to pass it along manually?

Josh Lee
  • 171,072
  • 38
  • 269
  • 275
Samuel Neff
  • 73,278
  • 17
  • 138
  • 182

1 Answers1

0

Not sure whether you already have the answer to this or not, but in case you use ExpressJS then you should look at http://expressjs.com/4x/api.html#res.locals. That should give you a way to store/refer request level information.

arcamax
  • 610
  • 1
  • 7
  • 14