I am having Issues with receiving and sending httpOnly cookie - on the login Page
var response = await fetch(BASE_URL + 'login?useCookies=true', {
method: 'POST',
credentials: 'include',
body: JSON.stringify({email, password}),
headers: {'Accept': 'application/json', 'Access-Control-Allow-Credentials': 'true', 'Content-Type': 'application/json'}
});
if(response.status==200)
{
localStorage.setItem('user', email);
location.replace('index.html');
}
But when I try to get the data from server, it does not recognize the authenticated user
const userInfo = async () => {
let response = await fetch(BASE_URL + 'account/user-info', {
method: 'GET',
credentials: 'include',
headers: {'Accept': 'application/json', 'Access-Control-Allow-Credentials': 'true', 'Content-Type': 'application/json'}
})
if(response.status ==200)
{
var jsonResponse = response.json();
console.log(jsonResponse);
}
}
I am able to see the cookie received when loging into the account in the networking tab - but I can not see it in Application Tab => Cookies in the chrome
I am using .Net Core Identity with httpOnly cookies Authentication mechanism - Here are the cors settings in the Program.cs
app.UseCors(opt => {
opt.SetIsOriginAllowed(origin => true)
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
});
Here is my response
Response {type: 'cors', url: 'https://localhost:7001/api/account/user-info', redirected: false, status: 204, ok: true}
Any Help is much appreciated
I was expecting to see the Cookie in the Application Tab under Cookies , I am able to see it when loging in, using Networking Tab, but it is not set in the Cookies Section
thank you Tore - the problem was with the samesite feature on the backend - this code resolved the issue
builder.Services.ConfigureApplicationCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.None;
});