'Cookie not being set from header
I'm trying to solve the problem of a cookie not being set on the client after it receives it from the server.
When I log in, I get this response:
Note that the allow credentials header is present & the cookie is being received.
The problem starts when I call /auth/refreshToken. The cookie is never set and so it's never received when the post request is made. I think this is a problem on the client side but I can't figure it out.
I make a post request to this endpoint like this:
const response = await fetch(`http://localhost:3001/auth/refreshToken`, {
method: 'POST',
headers: {
Accept: 'application/json',
'Content-Type': 'application/json',
'Authorization': `Bearer ${jwtBearer}`,
},
credentials: 'include',
body: JSON.stringify({
"input": {
"refreshToken" : refreshToken,
"fingerprintHash" : fingerprintHash
}
}),
})
On the server, I've configured CORS like this:
const corsOptions = {
credentials: true,
origin: process.env.NODE_ENV === "production" ?
'https://example.com'
:
'http://localhost:3000'
};
app.use(cors(corsOptions));
I've looked at all the answers to the following questions, which mention to add credentials: 'include' and add cors options to allow the Set Cookie header and credentials. Nothing has worked.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|