Set cookies

Question

Set cookies

MickL opened this issue 3 months ago · comments

Describe the feature

I have a login route that returns a session cookie but when sending subsequents requests the cookie is not set:

const loginResponse = await ofetch.raw('/login', {
      method: 'POST',
      body: {
        email: 'a@b.com',
        password: 'test123',
      },
    });
expect(loginResponse.status).toBe(204);

const securedRouteResponse = await ofetch.raw('/admin/products');
expect(securedRouteResponse).toBe(200); // -> 403

Unfortunately the cookie is never set. I tried to set option credentials: 'include' on both requests with no success. Am I missing something?

Additional information

Would you be willing to help implement this feature?

87xie · Answer 1 · Wed Apr 10 2024 00:31:59 GMT+0800 (China Standard Time)

Checking the Set-Cookie attributes, such as Path, Domain, Expires, etc, in the server response headers of the /login endpoint to ensure the cookie is stored correctly

Mick Lawitzke · Answer 2 · Wed Apr 10 2024 04:11:44 GMT+0800 (China Standard Time)

Yes it works fine in browser and in Postman

duy-dev · Answer 3 · Tue Apr 23 2024 17:59:58 GMT+0800 (China Standard Time)

I also have the same problem, the application runs fine locally but when deployed to Firebase it cannot get cookies 😥

Sonicj · Answer 4 · Fri Apr 26 2024 16:05:56 GMT+0800 (China Standard Time)

Try with

const loginResponse = await ofetch.raw('/login', {
      method: 'POST',
      body: {
        email: 'a@b.com',
        password: 'test123',
      },
      credentials: "include",
});

Mick Lawitzke · Answer 5 · Fri Apr 26 2024 16:07:41 GMT+0800 (China Standard Time)

You mean credentials: include? Thats what I tried as I wrote in the initial issue

Sonicj · Answer 6 · Fri Apr 26 2024 16:33:42 GMT+0800 (China Standard Time)

You mean credentials: include? Thats what I tried as I wrote in the initial issue

Yeah my bad, did you try it with access-control-allow-credentials header set to true in the server?

Mick Lawitzke · Answer 7 · Fri Apr 26 2024 17:27:43 GMT+0800 (China Standard Time)

It works in the browser and with Postman, just not in the test or an empty node script with ofetch.

Pratik Rane · Answer 8 · Wed Jun 05 2024 13:14:07 GMT+0800 (China Standard Time)

Facing the same issue, runs fine locally but not in production. Did anyone figure this out? :(

Arkadiusz Sygulski · Answer 9 · Mon Jun 17 2024 22:36:29 GMT+0800 (China Standard Time)

fetch by design is not managing the cookies for you

What you are trying to accomplish is creating a stateful client, which shares state between subsequent requests. fetch, and by extension ofetch, is not designed to do this. Each request is independent. To accomplish your goal, a separate concept of "cookie jar" is required - a storage instance which is going to read response headers, persist cookies and set them on future requests. You can write it yourself or try open source pacakges.

I imagine using fetch-cookie package with ofetch should look like this:

import { $fetch } from 'ofetch'
import makeFetchCookie from 'fetch-cookie'

const fetchWithCookies = makeFetchCookie($fetch.native)
const client = $fetch.create({ fetch: fetchWithCookies })

Mick Lawitzke · Answer 10 · Mon Jun 17 2024 23:36:47 GMT+0800 (China Standard Time)

Thanks for the info!

Can we treat this issue as a feature request then? So ofetch will behave as a cookie jar, automatically setting cookies @pi0 ?

duy-dev · Answer 11 · Wed Jun 19 2024 16:18:59 GMT+0800 (China Standard Time)

I also have the same problem, the application runs fine locally but when deployed to Firebase it cannot get cookies 😥

After many days of researching, I also found the problem. Firebase only accepts one cookie named __session. Hope this information is useful to everyone. Details on this can be found here: https://firebase.google.com/docs/hosting/manage-cache?hl=en#using_cookies