Couldn't set cookie, nestjs

Project ID: eb9aa9c1-aabe-4f51-9a40-40193647b820
I deploy the frontend to Vercel and the backend to Railway. My route that sets the cookie:
res
  .cookie('jwt-token', refreshToken, {
    httpOnly: true,
    secure: true,
    sameSite: 'none',
    maxAge: 30 * 24 * 60 * 60 * 1000,
  })
  .json({ accessToken, id: user.id })
In main.ts I added CORS:
app.use(cors({ origin: process.env.CLIENT_URL, credentials: true }));
My cookie is not being set.
ThallesComH, 2y ago
is your frontend using a different domain than the one on railway?
ThallesComH, 2y ago
you're trying to set a cookie for another domain which is not possible, in this case your frontend. you'll need to specify the domain attribute in your res.cookie for your backend domain
vasyldubno (OP), 2y ago
i need to modify the code so that this is added inside res.cookie(domain: 'https://talk-plus-client.vercel.app')
ThallesComH, 2y ago
yes, but instead of your frontend domain, specify your backend domain
ThallesComH, 2y ago
res.cookie('jwt-token', refreshToken, { domain: 'https://talk-plus-server-production.up.railway.app/' })
i recommend using railway's environment variable process.env.RAILWAY_STATIC_URL (this variable will be available in your backend application)
vasyldubno (OP), 2y ago
i can use variable process.env.SERVER_URL
ThallesComH, 2y ago
if you have that variable you can use railway's environment variable instead, it's automatically available at runtime and points at your domain
Oops, you shouldn't include https://, only the domain is necessary, sorry. (if you're using RAILWAY_STATIC_URL then it's not necessary to remove https://)
vasyldubno (OP), 2y ago
domain: talk-plus-server-production.up.railway.app
ThallesComH, 2y ago
yes
vasyldubno (OP), 2y ago
Sorry, but i don't see the cookie in Application -> Cookies
ThallesComH, 2y ago
that only shows the cookies for your current domain, which is the frontend domain. if you see, now all requests to the backend are with the cookie header
vasyldubno (OP), 2y ago
on laptop it works: after i log in, i am always pushed to /chat, and if i log out, /chat doesn't open, which is right. but on phone, after i log in and reload, /chat doesn't open
ThallesComH, 2y ago
it kinda depends on the browser. Some browsers block cookies from other domains due to privacy settings
if you want more info: https://stackoverflow.com/questions/72204984/cookies-not-storing-on-mobile-browsers-but-working-on-desktop
this can happen on desktop too, firefox offers that
vasyldubno (OP), 2y ago
is there another way to solve that?
ThallesComH, 2y ago
the only way i see to resolve this is to buy a domain. or you can just ditch cookies and set the Bearer header in every request