Has anyone experienced session cannot be refreshed...
# support-questions-legacy
r
Has anyone experienced session cannot be refreshed on electronjs? In the network tab, refresh call (http://localhost:3001/auth/session/refresh) return 401 unauthorised
r
hey!
can you enable backend debug logs and show the output?
r
Sure, this is debug logs output.
From the logs, idRefreshToken should be set after signin right but it is not found when the session is trying to refresh. During the development, running in localhost:4200 is working fine and session is working normally. Also, I have implemented windowHandler and cookieHandler based on the electron example. Any suggestion can I go to solve this? @rp_st
r
Hmmmm. So the issue is only during prod
Can I see the sign in request and response headers in prod?
r
Yeah, The issue happen in production code. when the code is compile into electron app. @rp_st
the screenshot below is the signin request
Below, this is the screenshot for refresh request with both request and response headers.
r
can you hover on the orange triangle in the set-cookie response header? What does it say?
r
The orange triangle said, 'This attempt to set a cookie via a Set-Cookie header was blocked because it has the "SameSite=Lax" attribute but came from a cross-site response which was not the response to a top-level navigation'
r
Right. Whats the value of APIDomain and websiteDomain on the backend?
The issue is that you need to set cookieSameSite to “none” on the backend’s session.init
But for that, you will need to use https for your api layer
r
This is my apiDomain: http://localhost:3001 and websiteDomain:http://localhost:4200
thank you for your guidance. I will update the config on the backend api layer and turnel it through ngrok to test it.
r
Cool. If you are using ngrok, make sure to change the apiDomain value on the backend and frontend to use that domain
2 Views