See this discussion on .
When the backend runs on multiple pods/nodes, when the subsequence request comes in too early, the backend will not be able to send cache invalidation requests across the cluster. In addition, if multiple requests are spread across multiple nodes, delays and unnecessary resources will be consumed.
For a single client, Spartacus should interact with a single backend as much as possible. This is traditionally called a "sticky session."
CCv2 has made partial preparations for this. It adds the ROUTE cookie to the response. However, this cookie is not configurable and does not use the SameSite policy. This means that a decoupled storefront may not be able to use it because it acts on a different domain. It seems that only Chrome has this problem today, but more browsers are expected to appear in the future.
Unfortunately, Spartacus today does not use ROUTE cookies. Cookies are not sent with any request at all. In order to take advantage of ROUTE cookies, the following actions must be performed:
- Use the withCredentials: true option in the http client to send cookies for every request
- Use an additional CORS filter (Allow-Origin-With-Credentials:true) to configure the business backend to ensure that the cookie passes the filter.
To ensure that Spartacus (or better: angular) will send cookies with the request, the request must be done with the withCredentials: true option. This can be done in the interceptor so that we can do this in a generic way and make sure that no requests forget this.
Once these front-end enhancements are in place, errors will be thrown because additional back-end configuration must be completed. A new configuration property corsfilter.ycommercewebservices.allowCredentials = true must be added.
Specific enhancements on SAP Spartacus:
First add a configuration item in occ-config.ts: useWithCredentials
Then create a new interceptor. If it detects that the withCredentials option is enabled in the configuration, it will intercept all HTTP requests and add the corresponding withCredentials information.
Finally, inject this HTTP interceptor implementation into the module:
Test Methods
(1) Verify whether the response cookie ROUTE is retrieved for the first OCC request
(2) Verify that the ROUTE cookie has been added to all sub-sequence requests
Test Results:
When we first loaded the SPA, we got the ROUTE cookie in the response of the first occ call.
Then we get the ROUTE cookie in the subsequent occ request.
More original articles by Jerry, all in: "Wang Zixi":
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。