Reputation: 115
I am unable to retrieve a cookie that I sent earlier.
As part of login, I sent back a refresh token as an httpOnly cookie.
```js
const payload = {name, email};
console.log("payload: ", payload);
const accessToken = jsonwebtoken.sign(payload, process.env.ACCESS_TOKEN_KEY, { expiresIn: '15m' });
const refreshToken = jsonwebtoken.sign(payload, process.env.REFRESH_TOKEN_KEY, { expiresIn: '1d' });
console.log("Access Token:", accessToken); // access token is generated
console.log("Refresh Token:", refreshToken); // refresh token is generated
res.cookie('refreshToken', refreshToken, { httpOnly: true, secure: false, sameSite: 'Lax', maxAge: 24*60*60*1000 }); // call succeeded. what is the name of cookie?
res.json({ accessToken });
```
Later on a refresh endpoint I look for a cookie and can't find it:
```js
export const handleRefreshToken = async (req, res) => {
  console.log("Request Cookies", req.cookies);
  const cookies = req.cookies;
  if (!cookies?.refreshToken) return res.sendStatus(401);
  // ... (rest of the handler is not shown in the post)
};
```
I see the following cookies:
This is on my dev environment with nodejs running on localhost:5000.
Update: Using devtools (Network) I see the cookie in the response on the client side. The name of the cookie is 'refreshToken'. However, the cookie doesn't show up on the browser when I look at the cookies on the browser. Perhaps, the cookie isn't being retained on the browser. Any suggestions on why that could be?
Update2: The link provided by @Konrad Linkowski worked. When the axios request is made from the client, I needed the option "{ withCredentials: true }".
Upvotes: 0
Views: 777
Reputation: 115
The error was on the client end. The express code functioned correctly. This link explains it: Does Axios support Set-Cookie? Is it possible to authenticate through Axios HTTP request?
My original call on the client side (using axios) was:
```js
const res = await axios.post('/login', { ident: email, password });
```
Instead it should have been:
```js
const res = await axios.post('/login', { ident: email, password }, { withCredentials: true });
```
Upvotes: 1
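When the client is served from a different origin than the API on localhost:5000, `withCredentials: true` only takes effect if the server's responses also allow credentials for that exact origin, and a wildcard `Access-Control-Allow-Origin` is rejected by the browser in that mode. The following is an added example, not code from the question or the answer: an Express-compatible middleware that allowlists origins before echoing them, where the `credentialedCors` and `simulate` names and the `http://localhost:3000` client origin are assumptions.

```javascript
// Added example: Express-compatible middleware (req, res, next) that uses only
// Node's res.setHeader, so it also runs without Express installed.
// ALLOWED_ORIGINS is an assumed value; the page does not name the client origin.
const ALLOWED_ORIGINS = new Set(['http://localhost:3000']);

function credentialedCors(allowedOrigins) {
  return function (req, res, next) {
    const origin = req.headers.origin;
    // Caches must not reuse a response generated for a different Origin.
    res.setHeader('Vary', 'Origin');
    if (origin && allowedOrigins.has(origin)) {
      // With withCredentials the browser rejects "*", so echo the exact
      // origin, and only after it matched the allowlist.
      res.setHeader('Access-Control-Allow-Origin', origin);
      res.setHeader('Access-Control-Allow-Credentials', 'true');
      res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
      res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
    }
    if (req.method === 'OPTIONS') {
      // Preflight: answer here, never reach the login/refresh handlers.
      res.statusCode = 204;
      res.end();
      return;
    }
    next();
  };
}

// Constructed request/response stand-ins to show the headers that result.
function simulate(method, origin) {
  const headers = {};
  const res = {
    statusCode: 200,
    setHeader(name, value) { headers[name.toLowerCase()] = value; },
    end() {},
  };
  let passedOn = false;
  const req = { method, headers: origin ? { origin } : {} };
  credentialedCors(ALLOWED_ORIGINS)(req, res, () => { passedOn = true; });
  return { headers, status: res.statusCode, passedOn };
}

console.log(simulate('POST', 'http://localhost:3000').headers);
console.log(simulate('POST', 'http://untrusted.example').headers);
```

In an Express app this would be registered with `app.use(credentialedCors(ALLOWED_ORIGINS))` before the login and refresh routes.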