PHP-Session in API changes when called by Axios in React

Question

I am using PHP for writing an Api. The Api is called by a react web client. I am using Axio to call the Api. When I send something to my Api, the SessionID is not persistent, it changes after every call. Does someone have any idea?

The simplified PHP-Api:

<?php
session_start();
echo session_id();

/*
//Doesnt mather
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token');
header('Content-type: application/json; charset=utf-8');
*/
?>

The simplified React-Client

  static vote(vote, callback)
  {

    const data = {
      action: 'vote',
      vote: vote,  
    }

    axios.post(api_url, qs.stringify(data))
    .then(callback)
    .catch((error) => {
      console.log(error);
    });
  }

you cannot use session within api, session is being used to generate unique id and stored in browsers via cookie; also another copy is stored on server file system; you will need non traditional way to implement this system; — Milan Rilex Ristic, Feb 25 '19 at 21:16

score 3 · Answer 1 · answered Feb 25 '19 at 21:34

I'm not sure if this is a duplicate, or just a very related question: Make Axios send cookies in its requests automatically

I am guessing that your api and your client run on different domains. For the browser to store cookies in this case, you need { withCredentials: true } as config:

axios.post(api_url, qs.stringify(data), { withCredentials: true })

PHP-Session in API changes when called by Axios in React

1 Answers1

Linked