I am unable to set session cookies in the browser with my MERN stack app. When both the express server and the react front end are running locally the cookies are set no problem. The problem raises itself after I deployed the express backend to heroku. I tried setting the "sameSite" cookie option to "lax" or to false
even but the problem persists.
here's the configuration I use for express session.
sessionConfig = { secret: process.env.SESSION_SECRET, resave: false, saveUninitialized: true, cookie: { secure: false, httpOnly: true, expires: expiryDate, sameSite: "lax", }, store: MongoStore.create({ mongoUrl: process.env.MONGO_CONNECTION_STRING, }), } app.set("trust proxy", 1); app.use(cors({ origin: true, credentials: true })); app.use(session(sessionConfig));
EDIT: to further clarify. if I visit the root route of my express app from the browser the cookies are set normally even when the app is deployed.(IE: if I type the url of the deployed heroku app, the session cookie is set) if I make the call from the react front end that is running locally though( using fetch api) to the deployed backend, the cookie is not set. This leads me to think it could have something to do with the same site cookie option.
https://stackoverflow.com/questions/67352287/texpress-session-not-setting-cookie-in-react-app-when-deployed-to-heroku May 02, 2021 at 09:36AM
没有评论:
发表评论