Session variables in Reactive web application
Question

Hi, I am interested to know how session variables are accessed/used in Reactive web application? What I can see is "Client Variables" instead. Please explain the client variables.

mvp_badge
MVP

Hi Waqas,

To say it short Client variables are to the front end (browser) what session variables are to the server.

You cannot access session variables directly in screen actions or client actions of reactive web applications.

You would need to write a server action and use that in a Data action on your screen.

Client variables are stored in locally in the browser.

Here is the official client variables documentation.

Regards,

Daniel

Hi Daniel, 

May i clarify what you do you mean by that? 

if you could point me to some reference / sample code implementation i would be most grateful 

I would like to store some form data in a Reactive Web App that are sensitive hence unable to store in local storage (or client variables). Many thanks

Hi Waqas,

In addition to what Daniel replied, I just want to add few things to answer your question on accessing session variables.

In reactive application most of the logic is run on the client side and this reduces the traffic between client and server and thus improving the performance of the applications. 

So it makes sense that client maintains these variables that are valid during his session.

Hence client variables are nothing but session variables in reactive applications except that they are stored in client side rather than server side.

As per the documentation, Client Variables reset to their default values when the user signs out of the app or when the platform signs out the user automatically. However, do not use Client Variables to store sensitive or confidential information.

Thanks

Ravi


Ravi Vakkalanka wrote:

Hi Waqas,

In addition to what Daniel replied, I just want to add few things to answer your question on accessing session variables.

In reactive application most of the logic is run on the client side and this reduces the traffic between client and server and thus improving the performance of the applications. 

So it makes sense that client maintains these variables that are valid during his session.

Hence client variables are nothing but session variables in reactive applications except that they are stored in client side rather than server side.

As per the documentation, Client Variables reset to their default values when the user signs out of the app or when the platform signs out the user automatically. However, do not use Client Variables to store sensitive or confidential information.

Thanks

Ravi


In reactive web app, session variables are still very important to store private/sensitive data on the server side, especially when they need to be cached per the session.


Ravi Vakkalanka wrote:

Hi Waqas,

In addition to what Daniel replied, I just want to add few things to answer your question on accessing session variables.

In reactive application most of the logic is run on the client side and this reduces the traffic between client and server and thus improving the performance of the applications. 

So it makes sense that client maintains these variables that are valid during his session.

Hence client variables are nothing but session variables in reactive applications except that they are stored in client side rather than server side.

As per the documentation, Client Variables reset to their default values when the user signs out of the app or when the platform signs out the user automatically. However, do not use Client Variables to store sensitive or confidential information.

Thanks

Ravi


 Why exactly it is not recommended use Client Variables to store sensitive or confidential information? How they can be accessed?

 

mvp_badge
MVP

Hi Mykola, 

Client Variable will be stored  in the client-side, directly in the browser local storage. Any javascript code could access and change this information including the devloper inspector tools in almost all browsers. If you need to store confidential/sensitive information in client variables, you should encrypt the data to make sure you are not exposing them.


Regards

Fabio Fantato

 

Fábio Fantato wrote:

Hi Mykola, 

Client Variable will be stored  in the client-side, directly in the browser local storage. Any javascript code could access and change this information including the devloper inspector tools in almost all browsers. If you need to store confidential/sensitive information in client variables, you should encrypt the data to make sure you are not exposing them.


Regards

Fabio Fantato

 

So saving sensitive data in local storage entities is also not secure, right?
I mean in case when we need to store say API key - we should encrypt it and then can save it in local storage? or in this case it is better retrieve it every time from the server?

mvp_badge
MVP

Hi Wakas,

If tou need, you can get this Clients variables in real time using this component as an example.

Regards.

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.