Set-cookie in response header but not set in browser
I built a GraphQL server using apollo-server-express, and run it on localhost:4000.
When I pass the query from GraphQL playground, the response has set-cookie in the header as below:
response header
But in storage > cookies tab in chrome, there are no cookies.
chrome: application > storage > cookies
Here is my server.ts. (I think I set my cors config in correct way)
const server = new ApolloServer({
typeDefs,
resolvers,
introspection: true,
playground: true,
dataSources: () => ({
projectAPI: new ProjectAPI(),
}),
context: ({ req, res }: { req: Request; res: Response }) => ({ req, res }),
})
const app = express()
/* Parse cookie header and populate req.cookies */
app.use(cookieParser())
app.use(
cors({
origin: '*',
credentials: true, // <-- REQUIRED backend setting
})
)
app.use((req: any, res: any, next: any) => {
console.log(req.cookies)
next()
})
server.applyMiddleware({ app, path: '/' })
if (process.env.NODE_ENV !== 'test') {
app.listen({ port: 4000 }, () =>
console.log(`🚀 Server ready at http://localhost:4000${server.graphqlPath}`)
)
}
export { server }
And here is my resolvers.ts:
export default {
Query: {
session: async (_: null | undefined, __: null | undefined, { res }: any) => {
const response = await fetch(`http://localhost:3000/api/v1/sessions/current_user`, {
headers: {
'content-type': 'application/json',
},
})
/** Get session cookie from the response header */
const sessionCookie = setCookie
.parse(response.headers.get('set-cookie') as string)
.find((el: any) => el.name === '_session')
/** If session cookie exists, save the cookie */
if (sessionCookie && res) {
const { name, value, ...rest } = sessionCookie
res.cookie(name, value, rest)
}
const data = await response.json()
return data.user
},
typescript express cookies graphql apollo-server
asked Nov 24 '18 at 7:00
JayJay
11
add a comment |
I built a GraphQL server using apollo-server-express, and run it on localhost:4000.
When I pass the query from GraphQL playground, the response has set-cookie in the header as below:
response header
But in storage > cookies tab in chrome, there are no cookies.
chrome: application > storage > cookies
Here is my server.ts. (I think I set my cors config in correct way)
const server = new ApolloServer({
typeDefs,
resolvers,
introspection: true,
playground: true,
dataSources: () => ({
projectAPI: new ProjectAPI(),
}),
context: ({ req, res }: { req: Request; res: Response }) => ({ req, res }),
})
const app = express()
/* Parse cookie header and populate req.cookies */
app.use(cookieParser())
app.use(
cors({
origin: '*',
credentials: true, // <-- REQUIRED backend setting
})
)
app.use((req: any, res: any, next: any) => {
console.log(req.cookies)
next()
})
server.applyMiddleware({ app, path: '/' })
if (process.env.NODE_ENV !== 'test') {
app.listen({ port: 4000 }, () =>
console.log(`🚀 Server ready at http://localhost:4000${server.graphqlPath}`)
)
}
export { server }
And here is my resolvers.ts:
export default {
Query: {
session: async (_: null | undefined, __: null | undefined, { res }: any) => {
const response = await fetch(`http://localhost:3000/api/v1/sessions/current_user`, {
headers: {
'content-type': 'application/json',
},
})
/** Get session cookie from the response header */
const sessionCookie = setCookie
.parse(response.headers.get('set-cookie') as string)
.find((el: any) => el.name === '_session')
/** If session cookie exists, save the cookie */
if (sessionCookie && res) {
const { name, value, ...rest } = sessionCookie
res.cookie(name, value, rest)
}
const data = await response.json()
return data.user
},
typescript express cookies graphql apollo-server
asked Nov 24 '18 at 7:00
JayJay
11
add a comment |
I built a GraphQL server using apollo-server-express, and run it on localhost:4000.
When I pass the query from GraphQL playground, the response has set-cookie in the header as below:
response header
But in storage > cookies tab in chrome, there are no cookies.
chrome: application > storage > cookies
Here is my server.ts. (I think I set my cors config in correct way)
const server = new ApolloServer({
typeDefs,
resolvers,
introspection: true,
playground: true,
dataSources: () => ({
projectAPI: new ProjectAPI(),
}),
context: ({ req, res }: { req: Request; res: Response }) => ({ req, res }),
})
const app = express()
/* Parse cookie header and populate req.cookies */
app.use(cookieParser())
app.use(
cors({
origin: '*',
credentials: true, // <-- REQUIRED backend setting
})
)
app.use((req: any, res: any, next: any) => {
console.log(req.cookies)
next()
})
server.applyMiddleware({ app, path: '/' })
if (process.env.NODE_ENV !== 'test') {
app.listen({ port: 4000 }, () =>
console.log(`🚀 Server ready at http://localhost:4000${server.graphqlPath}`)
)
}
export { server }
And here is my resolvers.ts:
export default {
Query: {
session: async (_: null | undefined, __: null | undefined, { res }: any) => {
const response = await fetch(`http://localhost:3000/api/v1/sessions/current_user`, {
headers: {
'content-type': 'application/json',
},
})
/** Get session cookie from the response header */
const sessionCookie = setCookie
.parse(response.headers.get('set-cookie') as string)
.find((el: any) => el.name === '_session')
/** If session cookie exists, save the cookie */
if (sessionCookie && res) {
const { name, value, ...rest } = sessionCookie
res.cookie(name, value, rest)
}
const data = await response.json()
return data.user
},
typescript express cookies graphql apollo-server
asked Nov 24 '18 at 7:00
JayJay
11
I built a GraphQL server using apollo-server-express, and run it on localhost:4000.
When I pass the query from GraphQL playground, the response has set-cookie in the header as below:
response header
But in storage > cookies tab in chrome, there are no cookies.
chrome: application > storage > cookies
Here is my server.ts. (I think I set my cors config in correct way)
const server = new ApolloServer({
typeDefs,
resolvers,
introspection: true,
playground: true,
dataSources: () => ({
projectAPI: new ProjectAPI(),
}),
context: ({ req, res }: { req: Request; res: Response }) => ({ req, res }),
})
const app = express()
/* Parse cookie header and populate req.cookies */
app.use(cookieParser())
app.use(
cors({
origin: '*',
credentials: true, // <-- REQUIRED backend setting
})
)
app.use((req: any, res: any, next: any) => {
console.log(req.cookies)
next()
})
server.applyMiddleware({ app, path: '/' })
if (process.env.NODE_ENV !== 'test') {
app.listen({ port: 4000 }, () =>
console.log(`🚀 Server ready at http://localhost:4000${server.graphqlPath}`)
)
}
export { server }
And here is my resolvers.ts:
export default {
Query: {
session: async (_: null | undefined, __: null | undefined, { res }: any) => {
const response = await fetch(`http://localhost:3000/api/v1/sessions/current_user`, {
headers: {
'content-type': 'application/json',
},
})
/** Get session cookie from the response header */
const sessionCookie = setCookie
.parse(response.headers.get('set-cookie') as string)
.find((el: any) => el.name === '_session')
/** If session cookie exists, save the cookie */
if (sessionCookie && res) {
const { name, value, ...rest } = sessionCookie
res.cookie(name, value, rest)
}
const data = await response.json()
return data.user
},
typescript express cookies graphql apollo-server
typescript express cookies graphql apollo-server
asked Nov 24 '18 at 7:00
JayJay
11
asked Nov 24 '18 at 7:00
JayJay
11
asked Nov 24 '18 at 7:00
JayJay
11
asked Nov 24 '18 at 7:00
JayJay
11
asked Nov 24 '18 at 7:00
JayJay
11
11
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Are you using apollo-client on the client side?
If so, you need to add the credentials option when you create the terminating http link (or batch link etc). If not using apollo-client, you just need to add in this option accordingly.
const OPTS = {
uri: GQL_BASE,
credentials: 'include', // or 'same-origin' etc.
includeExtensions: true,
}
const httpLink = new BatchHttpLink(OPTS)
You are correct, that you also need credentials: true added in the CORS options.
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53455942%2fset-cookie-in-response-header-but-not-set-in-browser%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Are you using apollo-client on the client side?
If so, you need to add the credentials option when you create the terminating http link (or batch link etc). If not using apollo-client, you just need to add in this option accordingly.
const OPTS = {
uri: GQL_BASE,
credentials: 'include', // or 'same-origin' etc.
includeExtensions: true,
}
const httpLink = new BatchHttpLink(OPTS)
You are correct, that you also need credentials: true added in the CORS options.
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
add a comment |
Are you using apollo-client on the client side?
If so, you need to add the credentials option when you create the terminating http link (or batch link etc). If not using apollo-client, you just need to add in this option accordingly.
const OPTS = {
uri: GQL_BASE,
credentials: 'include', // or 'same-origin' etc.
includeExtensions: true,
}
const httpLink = new BatchHttpLink(OPTS)
You are correct, that you also need credentials: true added in the CORS options.
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
add a comment |
Are you using apollo-client on the client side?
If so, you need to add the credentials option when you create the terminating http link (or batch link etc). If not using apollo-client, you just need to add in this option accordingly.
const OPTS = {
uri: GQL_BASE,
credentials: 'include', // or 'same-origin' etc.
includeExtensions: true,
}
const httpLink = new BatchHttpLink(OPTS)
You are correct, that you also need credentials: true added in the CORS options.
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
Are you using apollo-client on the client side?
If so, you need to add the credentials option when you create the terminating http link (or batch link etc). If not using apollo-client, you just need to add in this option accordingly.
const OPTS = {
uri: GQL_BASE,
credentials: 'include', // or 'same-origin' etc.
includeExtensions: true,
}
const httpLink = new BatchHttpLink(OPTS)
You are correct, that you also need credentials: true added in the CORS options.
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
answered Dec 1 '18 at 16:49
Stephen RichardsonStephen Richardson
11
11
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53455942%2fset-cookie-in-response-header-but-not-set-in-browser%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
