#Cookies

20 messages · Page 1 of 1 (latest)

true flame
#

2f9c75e7-beb9-4f30-9fa6-17e4c1f93301
I have deployed on the railway backend and frontend (Spring+React). Almost everything is working, but there's one issue. After logging in, another fetch request is made to retrieve user data. However, the server responds with two different cookies for these two requests, and the user isn't being "logged in". Is there a way to solve this issue on Railway? When I run the server and frontend locally, I don't encounter this problem due to the setup in the package.json with "proxy: http://127.0.0.1:8080". Can you suggest a solution?

sour girderBOT
#

Please provide your project ID or reply with N/A. Thread will automatically be closed if no reply is received within 10 minutes. You can copy your project's id by pressing Ctrl/Cmd + K -> Copy Project ID.

hasty ruinBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

young plover
#

are you makeing requests to the proper backend domain?

true flame
#

I suppose so. The requests are going to the same server, but for some reason, the cookie during login and the cookie when fetching the user profile right after login are different.
As you can see, the login is successful, but in response to fetching user data, I receive the "user is not authorized" message.(Due to different cookies)
If I use proxy:127.0.0.1:8080 when I start app locally - I don't have this issue.

1.png 2.png
true flame
#

I forgot to clarify that the cookie is not being stored in the Application.

Also, I've noticed now that the cookie is marked as HttpOnly, and Railway services are using Https. Could this potentially be causing the issue?

3.png
young plover
#

your app runs behind a proxy when on railway, you may need to trust the proxy with some middleware

true flame
#

Update: Yesterday, I found out that the problem occurred because the cookie came from a cross-site response, which was not the response to a top-level navigation. That's why the cookie is being created by the server for such requests but not being stored in the browser.
I have different servers for the frontend and backend on Railway. How can I merge them into one, so that all requests between them are treated as "same-origin"?
Thanks!

young plover
#

truthfully, separate services for the frontend and backend should not be real a problem at all, railway itself does the same thing with their frontend and backend.

true flame
#

I understand, but currently, it's problematic for me to configure cookies to work between servers. Having a shared server for both backend and frontend would be a solution. Does Railway allow merging them under a common domain?

young plover
#

I wouldn't call it problematic, you just don't wanna do it lol

true flame
#

I'm a junior, so it's my 1st project. Everything for me right now is problematic =))

young plover
true flame
#

oh thx a lot

#

thats exactly what I meant

young plover
#

read the caddyfile in the repo, read the readme, read every linked caddyfile documentation, look at the example project, look at and read everything there is to read

#

and please do that all very thoroughly, I understand it's a lot of information to take in, but please take your time going through all the information

true flame
#

okay. thx Brody

hasty ruinBOT
young plover
#

no problem, if after reading everything you still have questions, feel free to ask