You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Tokens are not stored in session after successful login if the cookie for express-session is set to be secure: false. If I set it to true, then the cookies are not sent to the server because I'm on localhost and over HTTP.
Is this the expected behavior? Is the only solution to run it over HTTPS? I've tried to use self signed certificates for HTTPS, but Chrome says the site is insecure and the cookies are not sent.
Expected behavior
The tokens are stored in the session even if the cookie is set to be secure: false
Actual behavior
The tokens are not stored in the session (only the user id)
Steps to reproduce
Set the cookie to be secure: false
Trigger the OAuth flow
After redirect to callback finishes, check the sesion stored on the database: No tokens found.
Change the cookie to be secure: true
Trigger the OAuth flow
After redirect to callback finishes, check the sesion stored on the database: Tokens are present.
Tokens are not stored in session after successful login if the cookie for
express-sessionis set to besecure: false. If I set it totrue, then the cookies are not sent to the server because I'm on localhost and over HTTP.Is this the expected behavior? Is the only solution to run it over HTTPS? I've tried to use self signed certificates for HTTPS, but Chrome says the site is insecure and the cookies are not sent.
Expected behavior
The tokens are stored in the session even if the cookie is set to be
secure: falseActual behavior
The tokens are not stored in the session (only the user id)
Steps to reproduce
secure: falsesecure: trueEnvironment
Ubuntu 20.04
Node v12.16.2
passport@0.4.1
passport-twitter@1.0.4
The text was updated successfully, but these errors were encountered: