Hapi web server doesn't set cookie in the browser if domain is present

Open sayo96 opened this issue 2 years ago • 0 comments

Support plan

  • is this issue currently blocking your project? (yes/no): Yes
  • is this issue affecting a production system? (yes/no): Yes

Context

  • node version: 14.19.1
  • module version with issue: 16.0.3
  • last module version without issue: 16
  • environment (e.g. node, browser, native): node
  • used with (e.g. hapi application, another framework, standalone, ...): react app
  • any other relevant information: I'm using a hapi web server with react app.

What are you trying to achieve or the steps to reproduce?

My server config is as follows

var Hapi = require('hapi');
var path = require('path');

var envCfg = require('../env');

module.exports = {

  /**
   * Create Hapi Server
   */
  create() {

    /**
     * Server Configuration
     */
    var server = new Hapi.Server({
      debug: {
        request: ['debug', 'error', 'request']
      }
    });

    server.connection({port: 3000});

    server.state('access_token', {
      ttl: null,
      encoding: 'base64',
      strictHeader: true, // don't allow violations of RFC 6265
      domain: envCfg.MyCookieDomain, // example: .ngrok.io
      isSecure: false // TODO: Remove when https is applied.
    });


    /**
     * Register Hapi Views Plugin
     */
    server.register(require('vision'), (err) => {
      if (err) console.log('Failed to load views plugin');

      server.views({
        engines: {jade: require('jade')},
        isCached: false, 
        path: path.join(__dirname, 'views')
      })

    });

    /**
     * Register Static Asset Plugin
     */
    server.register(require('inert'), (err) => {
      if (err) console.log('Failed to load static asset plugin');

      server.route({
        method: 'GET',
        path: '/static/{params*}',
        handler: {
          directory: {
            path: path.join(__dirname, '/../src/public')
          }
        }
      });

      server.route({
        method: 'GET',
        path: '/invoices/Resources/{params*}',
        handler: {
          directory: {
            path: path.join(__dirname, '/../src/public/dynamsoft/Resources')
          }
        }
      });



    });


    /**
     * Register Hapi Routes 
     */
    require('./routes.js')(server);

    return server.start((err) => {
      console.log('Server listening');
    });

  }

}


I'm trying to set the access token generated by my API from my web server like so:


  login(request, reply) {
    
    const { email, password, token, redirectUrl } = request.payload;
    const loginPayload = { email, password };


    _client().token.create(loginPayload).then((result) => {
        console.log('api handler login token', result);  // I'm getting the accessToken here on my console messages
        reply(result).state(
          constants.tokenCookieName,
          result.access_token,
          {
            isHttpOnly: false,
          }
        );
      }).catch(function (error) {
        return reply(Boom.boomify(
          new Error(error), 
          {statusCode: error.response ? error.response.status : 500})
        );
      });

  },

What was the result you got?

The access token is never being set as a cookie in the browser, even though it's being generated properly by my API.

What result did you expect?

As per the docs, I was expecting the access token to be set in the browser via the request.state method. I'm not sure what I'm doing wrong. Please help.

sayo96, Oct 15 '22 05:10
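
A browser silently drops a Set-Cookie whose Domain attribute fails the RFC 6265 section 5.3 checks, which is one thing to rule out when a cookie is sent with a `domain` option but never shows up in the browser. The sketch below is an added example, not code from this issue or from hapi: `checkCookieDomain`, the host names and the three-entry suffix set are constructed for illustration, and the suffix set is an assumed stand-in for the Public Suffix List.

```javascript
'use strict';
// Added example: the Domain-attribute checks from RFC 6265 section 5.3.
// All names here are hypothetical helpers, not hapi APIs.

// Constructed stand-in for the Public Suffix List (assumption for this demo).
const SAMPLE_PUBLIC_SUFFIXES = new Set(['com', 'io', 'ngrok.io']);

// Rough IP literal test: dotted IPv4 or anything containing ':' (IPv6).
const isIp = (h) => /^\d{1,3}(\.\d{1,3}){3}$/.test(h) || h.includes(':');

// Section 5.1.3 domain-match: identical strings, or the host ends with
// "." + domain and the host is not an IP address.
function domainMatch(host, domain) {
  if (host === domain) return true;
  return !isIp(host) && host.endsWith('.' + domain);
}

// requestHost is the host name the browser used, without the port.
// domainAttr is the Domain value from Set-Cookie, or undefined when absent.
function checkCookieDomain(requestHost, domainAttr, suffixes = SAMPLE_PUBLIC_SUFFIXES) {
  const host = requestHost.toLowerCase();
  // No Domain attribute: the cookie is stored as host-only.
  if (!domainAttr) return { stored: true, scope: host, hostOnly: true };
  // Section 5.2.3: lowercase the value and ignore one leading dot.
  const domain = domainAttr.toLowerCase().replace(/^\./, '');
  if (suffixes.has(domain)) {
    // Step 5: a public suffix is tolerated only when it equals the request
    // host, and then the cookie falls back to host-only.
    if (host === domain) return { stored: true, scope: host, hostOnly: true };
    return { stored: false, reason: 'public-suffix' };
  }
  // Step 6: the request host must domain-match the attribute.
  if (!domainMatch(host, domain)) return { stored: false, reason: 'domain-mismatch' };
  return { stored: true, scope: domain, hostOnly: false };
}

// Constructed cases: [request host, Domain attribute].
const cases = [
  ['abc123.ngrok.io', '.ngrok.io'],   // Domain is a suffix in the sample set
  ['localhost', '.example.com'],      // host does not domain-match
  ['abc123.ngrok.io', undefined],     // no Domain: host-only cookie
  ['app.example.com', '.example.com'] // valid parent-domain cookie
];
for (const [host, dom] of cases) {
  console.log(host, dom, JSON.stringify(checkCookieDomain(host, dom)));
}
```

Comparing the Set-Cookie header in the browser's network panel with the URL host actually used to reach the server gives the two inputs this check needs.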