I am trying to set a cookie which has my auth token in it. I can see it being returned in the response header set-cookie: xxxxxx
but for whatever reason, the browser is not storing the cookie.
On my react front end http://app1.dev:3001
I am making an POST api call as such:
return axios.get(
`${apiUrl}/info`,
{ withCredentials: true }
)
.then(res => res.data)
.catch(console.error)
And I have a simple Koa server running on http://localhost:3000
const Koa = require(koa)
const Router = require(koa-router)
const bodyParser = require(koa-bodyparser)
const cors = require(@koa/cors)
const axios = require(axios)
const env = require(./env)
const KeyGrip = require(keygrip)
const app = new Koa()
const router = new Router()
const port = env(port)
const keyList = [xxxxxxx,]
app.keys = new KeyGrip(keyList, sha256)
router.get(/info, ctx => {
console.log('req', ctx.req)
ctx.cookies.set(token, test_token, { signed: true, httpOnly: true })
ctx.body = { ok: true }
})
const corsOptions = {
origin: ctx => ctx.request.header.origin,
credentials: true
}
app
.use(cors(corsOptions))
.use(bodyParser())
.use(router.routes())
.use(router.allowedMethods())
app.listen(port, () => console.info(`Listening on port ${port}`))
I suspect it is not being set because it is cross domain. when I use http://localhost:3001
for my front end the cookie gets set fine.
Why are the cookies not being set in browser? Any help would be greatly appreciated.