不确定为什么在使用 express-session 时没有 cookie 被发送回我的本地主机客户端

Question

Having issues with node express-session and basically just trying to understand how it all works with regards to cookies and my session store within my postgres database.

For starters, I'm not sure why I don't receive a session id cookie within my chrome browser where my react app is running on localhost:3000 . If I call the route localhost:5000/login from postman, a cookie is received but when calling the same route from Chrome: localhost:5000/login and then check my cookies, nothing is created when using the fetch API.

The session is created fine within postgres.

Here is my middleware for session setup:

app.use(session({
  store: new pgSession({
    pool : pool,                // Connection pool
    schemaName: 'my_schema',
    tableName : 'user_sessions'       
  }),  
  secret: randomString.generate({
    length: 14,
    charset: 'alphanumeric'
  }),
  resave: false,
  saveUninitialized: false,
  cookie: { maxAge: 1000 * 60 * 60 * 24,
            httpOnly: true }  
}))


app.use(function (req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  res.header('Access-Control-Allow-Methods', 'PUT, POST, GET, DELETE, OPTIONS');
  next();
});

My other question is, within my react app, how can I use the session info within my postgres db to check that all requests to all routes are still coming from the same user on the client side?

Answer 1

try this , change your cors middleware this

 app.use(cors({ origin: true, credentials: true }));

and add this when you make your request

 withCredentials: true,
   credentials: "include",

I had same problem I was recieving the cooking when making post from postman, but not from the browser when making request with axios, hopefully it works for you too as well