Fork me on GitHub
Marc Rios09:11:56

Hello, I have a question about session and ports. Another service from another port (5000) is accessing my API (3000). I want my API program to set a session cookie when someone registers using the API. Unfortunately, the API is returning the correct JSON, but it is not returning the session cookie. The sessions work when the requests are coming from port 3000. I've already set the "SameSite" attribute of the session cookie to "Lax".


I don’t see how the source port could affect it. You mean it works when you change port for that service from 5000 to 3000? Can you see if the http response actually contains the cookie and it’s just your client app not sending it?


SameSite is afaik more about the circumstances when your client (browser) sends cookies to the server. It seems to me that you have actual server running on host:3000 and that sends cookies to the browser as expected and then you have some kind of ui dev web server running at host:5000 which talks to host:3000 under the hood but otherwise it’s the ui webbserver that delivers responses to your browser Is that correct or am I completely off?

Marc Rios09:11:48

I should be able to share session cookies between frontend (port 5000) and backend (port 3000). But something seems to be stopping me from doing that.

Marc Rios09:11:09

As far as I can tell, there is no documentation on this issue anywhere.