-
-
Notifications
You must be signed in to change notification settings - Fork 26.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Call API Request from Client-side to use cookie for Authorization #828
Comments
Can you explain the issue a bit further, and maybe provide screen shots of failed request. Though my initial guess, connect session uses httpOnly cookie. app.use(express.session({
secret: 'mySecret',
cookie: { httpOnly: false }
})); But it is advisable to use same-origin ( Only send cookies if the URL is on the same origin as the calling script) or include (Always send cookies, even for cross-origin calls.) |
Also i would recommend to use , axios (https://github.com/mzabriskie/axios) , it has inbuilt support for promises, and provides syntactic sugar. with axios you would have to pass something like : axios.get('http://my.url', {
withCredentials: true
})
.then( (response) => {
console.log(response.data)
}) |
@shrynx Thanks for your quick responses, especially |
Description
I am new to React and decide to use
create-react-app
for my next project. Now I have an api server atmyapi.domain.com
and it is authorized by using cookie. In my react project, I usefetch
to make request, for example, atmyapi.domain.com/v1/getData
. When I compare this request with the request I type directly to browser address, I can see a difference.Expected behavior
The
connect.sid
value inCookie
field in 2 requests headers are the same.Actual behavior
The
connect.sid
value inCookie
field in 2 requests headers are different, so my api server cannot authorize the request.I assume that when using
fetch
, the request is not called from client-side, so it cannot get the cookie stored in browser.So in this case, how can I call a request from client-side (to use cookie stored in browser)?
Sorry for my bad English and explanation.
The text was updated successfully, but these errors were encountered: