We have .Net Core 5.0 backend API which is returning a jwt token wrapped in a HttpOnly cookie when I call the login API endpoint & in the response body, it is sending me user's name & userId. My question is, as it's an HttpOnly cookie, so javascript code will not be able to handle it. Then how can Angular application understand that the login is successful ?? In the subscribe method, how to get that jwt token? And in the logout method, what should I do?
This situation is a common one, like wrapping jwt into a http only cookie. On angular side you can really on response status code to know if login was successfully or not. In you case you are receiving even user information's back, you can use also those ones.
In another scenarios, after a successful login , front end will make a new call like "user-profile" to get extra user information's.
In this case you will not need that wrapped JWT, on every subsequent request on the same domain cookie will be sent by browser by default, so no need for http interceptor which append authorization headers to requests.
hope this help you, getting a better view.