How to set cookies?

[gregwebs]

How can I set the value of a cookie in GOA? GOA takes away the ability to write to a response.

The docs on cookies point to the DSL. The DSL documents how to talk about cookies in the API, but gives no additional code samples outside of the API descriptors. I looked through the repo and can't find anything about this.

It seems as if these cookies only meant to have their value set by something in the payload- which is an odd concept to me to begin with and certainly doesn't match my use case.

[gregwebs]

Oh, I see the example app here, it just creates an additional field on the response: https://github.com/goadesign/examples/tree/master/cookies

[raphael]

Yes, just to step back a bit: the idea is that method request payload and result are defined independently of the transport.

A method accepts a given data structure and returns another well defined data structure (or optionally errors). All of this is true no matter how that method is being called. Then the Goa DSL makes it possible to define how these data structures are initialized (server requests or client responses) or serialized (server responses or client requests) for a given transport (HTTP or gRPC at this point).

The HTTP DSL says "read this field from a cookie - or - serialize this field into a cookie. This approach makes for a much cleaner architecture where transport concerns are completely decoupled from the underlying HTTP details. Practically speaking it makes it simple to change transport details without changing any business logic (e.g. instead of writing a cookie if you needed to write a header it would be a one line change in the design - no change at all in the implementation). It also makes it possible to completely switch the underlying transport or add support for a new transport (switch from/to HTTP and gRPC) without changing any implementation code.

[gregwebs]

That makes sense. I am skeptical though that it is going to be useful to abstract over something that is designed for the browser like cookies. They are normally only going to be used for a browser-based client where the browser will auto-send. grpc-web may exist, but GRPC is generally only going to be used for intra-service communication where the client isn't a browser with such a built-in feature.
That is there normally isn't a need to be transport agnostic in such a case. It is useful in the case of non-browser driven interactions- those are often switched from HTTP to GRPC.