0

I have 2 applications, 1 is for backend application and another is for front-end

--> https://noobteam.ga

so when I run those 2 applications on local the cookies seem very normal and no problem with running. But when I deploy it to Production, the cookie on the front-end application didn't show up! But the backend one is still normal. So my question is where did I made a mistake? Because on the Local runs very normal!!!

const router = require('express').Router();
const passport = require('passport');

router.get('/discord', passport.authenticate('discord'));

router.get('/discord/redirect', passport.authenticate('discord', { failureRedirect: '/api/auth/' }), (req, res, next) => {
    res.redirect(process.env.URL); //https://noobteam.ga
})

Edit

I tried to add

app.use(cors({
    origin: process.env.URL,
    credentials: true
}))

app.use(function (req, res, next) {
    console.log(req.header.origin)
    res.header('Access-Control-Allow-Credentials', true);
    res.header('Access-Control-Allow-Origin', 'https://www.noobteam.ga');
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept');
    if ('OPTIONS' == req.method) {
        res.send(200);
    } else {
        next();
    }
});

to my Express server but still doesn't work :<

Thinh Nguyen
  • 35
  • 7
  • This is most likely due to the applications being served from different domains in production (noobteam.ga for the frontend and herokuapp.com for the backend). Locally they are both on `localhost`. HTTP cookies are domain-specific. This thread has some more details: https://stackoverflow.com/questions/46288437/set-cookies-for-cross-origin-requests. But the general subject you need to research is "enabling cookies for cross-origin requests." – Troy Carlson Jun 05 '21 at 17:57
  • @TroyCarlson I added the `corss-origin-request` to my **headers** but they still doesn't work : – Thinh Nguyen Jun 05 '21 at 18:10

0 Answers0