New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cookie-Based Authentication Is Not Possible #19958
Comments
This comment has been minimized.
This comment has been minimized.
Please use Stack Overflow for this type of question. |
So does this mean cookies will not be sent automatically by fetch calls? |
cookies should be sent automatically now, pretty sure there is an old ticket about this and the feature was added to RN quite a while ago. I have actually finished doing this feature and described doing so in this post |
Cookies were working fine for me until 0.55.4. Cookies stopped being sent from 0.56. |
Having the same issue as @Themarsguy |
We fixed this issue by adding
|
It seemed to only work if we have |
@Themarsguy Worked for me in 0.56. |
Hmm, using outside the headers and works till 0.55.4, but does not on 0.56. Are you all using expo or react-native(without expo)? |
@Themarsguy |
Same issues in v0.56 |
but it can not work for Andoird ,is there a solution? |
Got the same issue in RN 0.57.1. Recently, I did upgrade from 0.51.1 to 0.57.1 and spotted issue with cookie-based authentication. In RN 0.51 you would be able to use persistent cookie without any additional flags. Now (in RN 0.57), you need to use |
Would have been nice if this was included in the changelog. |
hey guys,
this code is working on iOS, cookies are sent, but in Android its now working ! If I change Cookie name to something else, then its sent. However, in the server its not a valid Cookie.. |
I have the same problem with Android. Did you ever get this to work? |
Exactly. Something better will rise soon! Bye Bye react-native. |
Hello, I had the same problem here and analysed the internal issue: The problem is a combination of react-native/ReactAndroid/src/main/java/com/facebook/react/modules/network/NetworkingModule.java Lines 647 to 661 in 9895d01
That This flag defines if the ReadableNativeMap reads data from a native map or a internal (java.util.) HashMap. But the problem was that WritableNativeMap always writes into the native map and never uses the (Readable) internal HashMap. That was the reason why Like said by @hey99xx in #21795 (comment) and by @Return-1 #23005 (comment) its possible to activate the this native accessor, if you add this code to your own/project Add this imports: import com.facebook.react.bridge.ReadableNativeArray;
import com.facebook.react.bridge.ReadableNativeMap; And this add the beginning of the ReadableNativeArray.setUseNativeAccessor(true);
ReadableNativeMap.setUseNativeAccessor(true); For me this works fine. But notice that this global flag may cause some other troubles. I also started to fix this behaviour in the latest React Native 0.59.3 release, but notice than that the master version of ReadableNativeMap/WritableNativeMap was already changed. The commits b257e06 and a062b34 by FB eng @sahrens changed/removed the useNativeAccessor behaviour, so I hope this issue was also fixed with the next/upcoming minor release 0.60.0. 🙌 (I couldn't test the new version yet, because running from the npm package (also with sourcecode changes) works fine for me, but the sourcecode version of RN let fail some of my 3rd party libraries. I'm looking forward for a RC of 0.60.0 and maybe will update this text here then.) |
Hello there, i've been trying to do this the past week, and still have no clue how to deal with cookie-based Auth.
my url is https, still added android:usesCleartextTraffic="true" i'm getting a Network request failed with no hint of how to resolve it. |
Environment
Environment:
OS: macOS High Sierra 10.13.3
Node: 8.11.1
Yarn: 1.7.0
npm: 5.6.0
Watchman: 4.9.0
Xcode: Xcode 9.2 Build version 9C40b
Android Studio: Not Found
Packages: (wanted => installed)
react: 16.3.1 => 16.3.1
react-native: ~0.55.2 => 0.55.4
Description
Hi, I am creating an app for work with zero chance of changing our custom coded backend authentication. It is cookie based as such:
1.) getAuthCookie() --> response contains a cookie, authCookie = fsadfsfreqwrqw.
2.) submitLoginInfo() with authCookie and user info
if at step 1 the request is sent with a cookie then it won't send back a new authCookie.
So the problem is when a user has an expired cookie stored in app, it'd keep using that cookie instead and the backend won't ever allow authentication to pass. They would have to restart the app to erase all cookie storage to pass authentication.
here are the things I have tried:
1.) native fetch api via credentials:'omit' / withCredentials: false, all permutations don't work
2.) use axios and repeat my first step
3.) tried to use axios with tough-cookie + axios-cookiejar-support, both required node functions that aren't available in RN
4.) react-native-cookie by joeferraro, this method worked before CRNA came in, but now it's showing messages that requires me to open xcode and add file, this isn't possible with current CRNA build and ejecting isn't advised.
5.) hard code Cookie headers via axios and RN's Fetch. This didn't work because it adds onto the cookies already in the system instead of actually setting the header to whatever string I put in.
Number 4 that I listed is how I know that it isn't code problem on my end since it used to work when I can just clear all cookies whenever the user gets to the login page.
solutions that'd help with my problem:
1.) able to choose when NOT to pass a cookie with request (not sure if the new set-cookie response header would replace my old cookie though).
2.) manipulate cookie on my own like react-native-cookie used to allow me.
3.) able to hard set the Cookie in Fetch headers.
I have been on this issue for weeks and I have also exhausted all resources, reddit/discord/stackoverflow/google. The successful example all involved react-native-cookie, but with that option gone I believe the community has no way of doing this anymore.
The text was updated successfully, but these errors were encountered: