[Help] Fastify session http only cookie differs
Solution
The problem is probably with the fastify/fastify session plugin.
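// Registers the session plugin with a signed, HttpOnly session cookie.
fastify.register(session, {
  // Use a strong secret here for production. This literal is a demo value: the
  // secret signs the session cookie, so anyone who has read it can forge sessions.
  // Load the real value from the environment or a secret store instead.
  secret: "supersecret1234567890supersecret1234567890",
  cookie: {
    // "auto" is the value reported as working; `secure: false` was reported as
    // not working, even though "auto" should also resolve to secure=false on
    // plain-HTTP localhost. The original listed both keys, and the last duplicate
    // key in an object literal wins, so only the working one is kept.
    // Likely cause of the difference: outside production sameSite is "none", and
    // browsers reject a SameSite=None cookie that does not carry Secure.
    // NOTE(review): "auto" presumably also adjusts SameSite on non-HTTPS
    // requests; confirm against the plugin documentation.
    secure: "auto",
    // Keeps the session cookie unreadable from page scripts.
    httpOnly: true,
    // 86,400,000, i.e. one day if the plugin reads maxAge in milliseconds.
    maxAge: 1000 * 60 * 60 * 24,
    sameSite: process.env.NODE_ENV === "production" ? "strict" : "none",
  },
  saveUninitialized: false,
});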
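// Session plugin registration: signed cookie, HttpOnly, environment-dependent SameSite.
fastify.register(session, {
  // Placeholder secret for local testing only. It is the signing key for session
  // cookies; a value committed to source or posted publicly must be treated as
  // compromised and replaced with one supplied at deploy time.
  secret: "supersecret1234567890supersecret1234567890",
  cookie: {
    // The original carried two `secure` entries ("auto" = worked, false = didn't
    // work). With duplicate keys the later one silently wins, so the object
    // actually held `false`. Keep a single entry with the value that worked.
    // A cookie sent as SameSite=None without Secure is dropped by browsers, which
    // is consistent with `secure: false` failing when NODE_ENV is not "production".
    secure: "auto",
    httpOnly: true, // not exposed to document.cookie
    maxAge: 1000 * 60 * 60 * 24, // one day, assuming milliseconds (confirm in plugin docs)
    // "none" outside production allows cross-site requests to carry the cookie;
    // production uses "strict".
    sameSite: process.env.NODE_ENV === "production" ? "strict" : "none",
  },
  saveUninitialized: false,
});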