Problems with refreshtoken cookie path in nextjs13...
# support-questions-legacys
santimnv
06/23/2023, 3:20 PMProblems with refreshtoken cookie path in nextjs13 server side rendering
I am using nextjs13 SSR and a fastapi backend.
When I render something in server in nextjs I send the accestoken and everything works fine.
When my accestoken is expired I call my refresh endpoint. The problem is that I don't have the refreshToken cookie because is only for /myrefreshendpoint.
How can I fix it?
Is any way to make this cookie available for all paths? Is that secure?
Thanks for reading!
r
rp_st
06/23/2023, 6:06 PMHey.
rp_st
06/23/2023, 6:06 PMSee our docs for NextJS SSR
rp_st
06/23/2023, 6:06 PMyou need to send back a response to the client which tells it to call the refresh API and then reload the page
s
santimnv
06/24/2023, 4:20 PMI have been looking at it for a while, seems like a bad solution to achieve something that could be done by changing a cookie path
santimnv
06/24/2023, 4:21 PMHow can I change the cookie path? Is that secure?
santimnv
06/24/2023, 4:22 PMAlso, as I see your solution totally breaks the SSR lifecycle because all pages are using the useEffect hook
r
rp_st
06/24/2023, 6:42 PMChanging the refresh cookie path is a security issue.
rp_st
06/24/2023, 6:43 PMWhat do you meant by breaks the SSR lifecycle? Using useEffect doesn’t break SSR
7 Views