[英]Unable to set cookies from backend to frontend when deploying website
I'm using Nodejs for my server and Reactjs for my client.我的服务器使用 Nodejs,客户端使用 Reactjs。 In my client, I use axios to perform post/get requests to the server.
在我的客户端中,我使用 axios 对服务器执行 post/get 请求。 During development, everything is working perfectly fine, data is fetched and cookies are set properly.
在开发过程中,一切正常,数据已获取,cookies 设置正确。 However, when I deploy my server and client to Heroku and Netlify respectively, the cookies are suddenly not set.
但是,当我将服务器和客户端分别部署到 Heroku 和 Netlify 时,突然没有设置 cookies。
Here is my server code:这是我的服务器代码:
dotenv.config()
const server = express();
server.use(cors({origin: "https://frontendname.com", credentials: true}));
server.use(express.json());
server.use(express.urlencoded({extended:true}))
server.use(cookieParser())
server.use("/", fetchData)
server.listen(process.env.PORT, ()=>console.log(`Server listening on PORT ${process.env.PORT}`))
mongoose.connect(process.env.MONGO_URI, {useNewUrlParser: true, useUnifiedTopology: true}).then( () => {
console.log("connected to mongoose")
}).catch((error) => console.log(error.message))
My server API code我的服务器 API 代码
res.status(201) .cookie("accessToken", accessToken, {domain:"frontendwebsite.com", httpOnly: true, sameSite: 'strict', path: '/', expires: new Date(new Date().getTime() + 60 * 1000 * 4)}) .cookie("refreshToken", refreshToken, {domain:"frontendwebsite.com", httpOnly: true, sameSite: 'strict', path: '/', expires: new Date(new Date().getTime() + 60 * 1000 * 96)}) .json({message: "login verified", username: req.body.username}) .send()
My client API code:我的客户 API 代码:
axios.defaults.withCredentials = true
export const loginAuth = async (credentials) => {
return await axios.post("https://backendname.herokuapp.com/loginAuth", credentials).then((res) => {
return res
})
}
I have a strong feeling its due to the domain name that is not correct in the "res.cookie".由于“res.cookie”中的域名不正确,我有一种强烈的感觉。 Since in my development when I'm using localhost for both server and client, it works.
因为在我的开发中,当我为服务器和客户端使用 localhost 时,它可以工作。 My client is hosted on Netlify and server is hosted on Heroku.
我的客户端托管在 Netlify 上,服务器托管在 Heroku 上。 My client has a custom domain name I got from GoDaddy.
我的客户有一个我从 GoDaddy 获得的自定义域名。 I used Netlify DNS on that domain name.
我在该域名上使用了 Netlify DNS。 Any ideas?
有任何想法吗?
Can you inspect the response coming back from your server (with browser Dev Tools)?您可以检查从服务器返回的响应(使用浏览器开发工具)吗? Is there any Set-Cookie header / value returning, or is it completely missing?
是否有任何 Set-Cookie header / 值返回,还是完全丢失?
My guess is the cookie header is there, and being set, but with sameSite
set to strict
it won't send it to your backend / API.我的猜测是 cookie header 在那里,并且正在设置,但是将
sameSite
设置为strict
它不会将其发送到您的后端/API。 So I think you are right about the domain being incorrect, in res.cookie
, you could try that with backendname.herokuapp.com
.所以我认为你对域不正确的看法是正确的,在
res.cookie
中,你可以尝试使用backendname.herokuapp.com
。 Since really you want the cookie to be transmitting to / from your backend, especially as it is httpOnly
, it will never be used by your frontend / client.由于您确实希望 cookie 传输到后端/从后端传输,特别是因为它是
httpOnly
,所以您的前端/客户端永远不会使用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.