7

I have an express-node server . I send JWT access token in response and also a JWT refresh token via httpOnly cookie only . When using it in browser, that refresh token is automatically sent with every subsequent request.

But when I tried to use that in react native project , the httpOnly cookie is not saved automatically in the app , nor the server get any cookie with api request . I think there is no place where httpOnly cookie can be saved in react-native. Some advice me to save it in AsyncStorage , but as it is httpOnly cookie , I can not read it by javascript, so can not save it to any place.

Do react native do not save or handle http-only cookie ??

subhadip pahari
  • 799
  • 1
  • 7
  • 16
  • do you find a solution ? thankx – AlainIb Jun 09 '20 at 15:30
  • 2
    yes and no. let me clarify. react-native can not handle httpOnly cookie. so what you can do you should not send the httpOnly cookie but general cookie. now if you have a web application and a react native application . you have to make 2 different API endpoints for both. for the web application: you will send httpOnly cookie for react-native application: you will send a general non-httpOnly cookie if you found any better solution, please let me know. – subhadip pahari Jul 23 '20 at 16:39
  • 1
    3 years later what approach did you go With ? – yasseros Jan 21 '23 at 22:33
  • 1
    I used 2 different type of token for web based and mobile based auth. for mobile based auth only one JWT with long lived expiry (no Refresh token). and saving that in mobile device itself by react-native-keychain. – subhadip pahari Jan 27 '23 at 23:43

0 Answers0