Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question about the cookie #12

Open
cty945 opened this issue Nov 25, 2022 · 3 comments
Open

Question about the cookie #12

cty945 opened this issue Nov 25, 2022 · 3 comments
Labels
question Further information is requested

Comments

@cty945
Copy link

cty945 commented Nov 25, 2022

This is actually not an issue but a question instead.

May I ask how/when did the cookie got saved into browser? I was looking for a line such as cookies.set() in the client side but could not find it and the cookie was set correctly indeed somehow.
@raulrene raulrene added the question Further information is requested label Nov 25, 2022
@raulrene
Copy link
Owner

@cty945 so first of all in cookie-based authentication the cookie should be set by the server-side not by the client-side, since it's more secure and you can set a HTTP-only cookie that is not available for the client-side to edit. So the server sets the cookie on the response, and if you send cookies on HTTP responses the client automatically stores them.

Secondly, regarding your question, if you check the code you can find a comment in routes/api.js

// When using passport with callback, we have to manually call req.login to set the Cookie
    req.login(user, async () => {

So what's happening is that passport has a built-in cookie.set method that's being called on req.login

@cty945
Copy link
Author

cty945 commented Nov 25, 2022

Thanks for the response! Yes I understand that the cookie has been set by the server. But the problem I encountered is actually on the client side. "the client automatically stores them" is not happening on my end when I try to reproduce it. Yes I did checked the response in Network tab, the cookies are there, but the client is not automatically storing them for some reason so that when the code checks whether the user has logged in it returned false.

@raulrene
Copy link
Owner

Hello again.
Are you referring that it's not working in the context of this project, or in general?

In regards to this project, I just checked and ran a local setup called "Bla" node ./setup.js Bla and tested the login in the browser and the cookie is stored fine. See here a screenshot: https://i.imgur.com/Se2PwiS.png

Things for you to check

  • make sure you ran setup.js and have both the server and the client up and running (server must be connected to a mongodb instance)
  • login via the default credentials from _insertDefaultUsers or with the ones you set, if you changed them
  • make sure you're not using incognito, although it shouldn't have anything to do with it. Nor should adblockers, as I'm using adBlockers and it's working fine

If it's related to some other project I'm not sure I can help you much

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@raulrene @cty945