Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
r
ray.npc
01/27/2023, 9:40 AMHas anyone experienced session cannot be refreshed on electronjs? In the network tab, refresh call (http://localhost:3001/auth/session/refresh) return 401 unauthorised
r
rp
01/27/2023, 9:46 AMhey!
can you enable backend debug logs and show the output?
r
ray.npc
01/27/2023, 2:09 PMSure, this is debug logs output.
From the logs, idRefreshToken should be set after signin right but it is not found when the session is trying to refresh. During the development, running in localhost:4200 is working fine and session is working normally. Also, I have implemented windowHandler and cookieHandler based on the electron example. Any suggestion can I go to solve this? @rp
r
rp
01/28/2023, 4:59 AMHmmmm. So the issue is only during prod
Can I see the sign in request and response headers in prod?
r
ray.npc
01/28/2023, 7:01 AMYeah, The issue happen in production code. when the code is compile into electron app. @rp
the screenshot below is the signin request
Below, this is the screenshot for refresh request with both request and response headers.
r
rp
01/28/2023, 7:11 AMcan you hover on the orange triangle in the set-cookie response header? What does it say?
r
ray.npc
01/28/2023, 7:17 AMThe orange triangle said, 'This attempt to set a cookie via a Set-Cookie header was blocked because it has the "SameSite=Lax" attribute but came from a cross-site response which was not the response to a top-level navigation'
r
rp
01/28/2023, 7:28 AMRight. Whats the value of APIDomain and websiteDomain on the backend?
The issue is that you need to set cookieSameSite to “none” on the backend’s session.init
But for that, you will need to use https for your api layer
r
ray.npc
01/28/2023, 7:36 AMThis is my apiDomain: http://localhost:3001 and websiteDomain:http://localhost:4200
thank you for your guidance. I will update the config on the backend api layer and turnel it through ngrok to test it.
r
rp
01/28/2023, 7:40 AMCool. If you are using ngrok, make sure to change the apiDomain value on the backend and frontend to use that domain