Channels
#support-questions
Title
c
constantinos
07/12/2022, 1:46 PMAfter fixing the cors issue, now the session doesnt last for long (maybe 30 minutes) on the second front-end. Its as if the access token doesnt refresh automatically. Anything special I need to do?
r
rp
07/12/2022, 1:47 PMHey! Can you enable frontend logs and show us the output of any API call that requires session verificaiton?
what are the request headers?
c
constantinos
07/12/2022, 2:58 PMThese are the logs
This happens 1 hour after login, just like the access token expiry
If I refresh I am correctly redirected to login and dont get the error
So its a bit hard to replicate, I couldnt see the heads because I didnt have the dev tools open
r
rp
07/12/2022, 3:14 PMCan i see the backend logs for when the refresh API is called/
You can trigger it quickly by signing in, deleting the sAccessToken cookie from the cookie storage, and then clicking on some button that calls an API that does session verification
And also can you send a screenshot of the login response headers? I want to see the Set-Cookies header values (the whole value including the expiry etc..)
c
constantinos
07/13/2022, 5:24 AMSent you a PM with the screenshot, testing with backedn logs now also
I dont have an
sAccessTokensFrontTokenBackend logs after deleting
sFrontTokenI have
sAccessTokenr
rp
07/13/2022, 5:46 AMRight. So the issue is that the cookies are not being sent to the refresh API call, and so the refresh API returns a 401, logging out the user.
What is the website URL and what is the API URL? (You can DM me if you like to keep that private)
c
constantinos
07/13/2022, 5:53 AMDMed
Thanks its fixed with cookieSameSite: 'none'
On prod what should I set this to?
r
rp
07/13/2022, 6:30 AMon prod, you should set it to "lax"
2 Views