Important: This news article covers an old version of Javalin (v0.5.0). The current version is v6.1.3.
See the documentation page for up-to-date information.

Introducing the cookieStore

The new ctx.cookieStore() functions provide a convenient way for sharing information between handlers, request, or even servers:

ctx.cookieStore(key, value) // store any type of value
ctx.cookieStore(key) // read any type of value
ctx.clearCookieStore() // clear the cookie-store

The cookieStore works like this:

  1. The first handler that matches the incoming request will populate the cookie-store-map with the data currently stored in the cookie (if any).
  2. This map can now be used as a state between handlers on the same request-cycle, pretty much in the same way as ctx.attribute()
  3. At the end of the request-cycle, the cookie-store-map is serialized, base64-encoded and written to the response as a cookie. This allows you to share the map between requests and servers (in case you’re running multiple servers behind a load-balancer)

Example:

serverOneApp.post("/cookie-storer") { ctx ->
    ctx.cookieStore("string", "Hello world!")
    ctx.cookieStore("i", 42)
    ctx.cookieStore("list", listOf("One", "Two", "Three"))
}

serverTwoApp.get("/cookie-reader") { ctx -> // runs on a different server than serverOneApp
    val string = ctx.cookieStore<String>("string")
    val i = ctx.cookieStore<Int>("i")
    val list = ctx.cookieStore<List<String>>("list")
}

Since the client stores the cookie, the get request to serverTwoApp will be able to retrieve the information that was passed in the post to serverOneApp.

Added Header.kt

A constant-class holding all common headers has been added:

object Header {
    const val ACCEPT = "Accept"
    const val ACCEPT_CHARSET = "Accept-Charset"
    etc...
}

const val in Kotlin behaves like public static final in Java, and can be called like Header.ACCEPT from both languages.

Added ctx.basicAuthCredentials()

Added a function which returns a BasicAuthCredentials object, which has username and password used for basic-auth.

Removed two functions

  • Javalin#ipAddress has been removed. The IP can still be configured via Javalin#embeddedServer, but the functionality is not used often enough to deserve its own method.
  • Context#bodyParam has been removed. It was just an alias for Context#formParam, which is still there.

Other changes introduced from 0.4.0 to 0.5.0

  • 0.4.0 Added cors and changed plugin-config
  • 0.4.1 Added request-logging and improved form-params with three more functions
  • 0.4.2 Improved logging and static file handling