1

I want to set cookie in Go:

func rememberMe(w http.ResponseWriter,username string) {
    expiration := time.Now().AddDate(0,1,0) // cookie will be stored for 1 month
    cookie := http.Cookie{Name: "rememberMe",Value: username,Expires: expiration}
    http.SetCookie(w,&cookie)
    fmt.Println("Cookie has been set.")
}

The response was quite fine and there was a Set-Cookie filed:

Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: *
Content-Length: 10
Content-Type: text/plain; charset=utf-8
Date: Thu, 20 Sep 2018 12:48:20 GMT
Set-Cookie: rememberMe=buddy; Expires=Sat, 20 Oct 2018 12:48:19 GMT

But when I used Chrome developer tools to check the cookie, there was no cookie. I am confused about this problem.

maxwellhertz
  • 473
  • 1
  • 6
  • 18
  • I just tried it and the cookie is set. Did you look in the developer tools under Application/Storage/Cookies? – mbuechmann Sep 20 '18 at 13:02
  • 1
    Do not forget to set the Path if the default path is not good enough. Does the browser send the cookie back to the server on subsequent requests? – Volker Sep 20 '18 at 13:08
  • I did check the cookie under Application/Storage/Cookies and there was nothing.@mbuechmann – maxwellhertz Sep 20 '18 at 13:10
  • 2
    Is this a cross-origin request? If so, don't forget to enable withCredentials on the client and send Access-Control-Allow-Credentials: true from the server: https://stackoverflow.com/questions/14221722/set-cookie-on-browser-with-ajax-request-via-cors – Peter Sep 20 '18 at 13:11
  • No, the browser didn't send any cookie on subsequent request. What is the exact meaning of setting the path? I'm a new web developer and I can't get the point.@Volker – maxwellhertz Sep 20 '18 at 13:13
  • Yes, this is a cross-origin request. I've done what you said but it didn't work either. By the way, I use vue.js in front end.@Peter – maxwellhertz Sep 20 '18 at 13:30
  • Cookies have a Path attribute which default to the URL path of the request (roughly). Most of the time you want to fix it to "/". – Volker Sep 20 '18 at 13:34
  • Oh thank you very much. Finally it works!!!@Peter – maxwellhertz Sep 20 '18 at 13:46

1 Answers1

2

Thanks for @Peter. The thing is cross-origin.My back end runs at locolhost:8088 and front end runs at localhost:8080. So I did some configuration in both back end and front end. Here's the back end code: 

func SetupResponse(w *http.ResponseWriter, r *http.Request) {
    (*w).Header().Set("Access-Control-Allow-Origin", "http://localhost:8080")
    (*w).Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
    (*w).Header().Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
    (*w).Header().Set("Access-Control-Allow-Credentials", "true")
}

I use axios in front end:

this.$axios.create({ withCredentials: true })
.get("http://localhost:8088/api/")
.then((response) => {
//....
}).catch((error) => {
  console.log(error);
});
maxwellhertz
  • 473
  • 1
  • 6
  • 18