
php - Unable to access cookie in domain that is set in subdomain - Stack Overflow


I am trying to set a cookie from an API server on a subdomain api.talopakettiin.fi and access it on the main domain talopakettiin.fi within the same broader domain. I’m using Express.js on the server and WordPress PHP on the client-side to handle the requests and cookies. I find the cookie in the cookies tab but it is under the subdomain like so:

and I set the cookie in the response after signing in:

res.cookie("Token", jwtToken, {
      domain: ".talopakettiin.fi",
      secure: true,
      httpOnly: true,
      path: "/",
      sameSite: "None",
    });

But when I try to access it in my client's functions.php file:

function handle_button_click() {

    error_log('Button clicked!'); // Example log for testing
    $api_url = 'https://api.talopakettiin.fi/forms/receive-form-data';
    $jwt_token = isset($_COOKIE['Token']) ? $_COOKIE['Token'] : 'Token not found';
    error_log("Extracted Token: " . $jwt_token);
    $response = wp_remote_post($api_url, [
            'method'    => 'POST',
            'body'      => "So much data",
            'headers'   => [
                'Content-Type' => 'application/json',
                $jwt_token
            ],
        ]);
    wp_send_json_success(array('message' => 'Button was clicked!'));
}
add_action('wp_ajax_handle_button_click', 'handle_button_click'); // For logged-in users

then $jwt_token is always 'Token not found'. How can I fix this issue?

asked Nov 19, 2024 at 17:36 by m__ (edited Nov 19, 2024 at 18:14)

Comments:
  • Please edit the question and put the code parts as text, not pictures. – Markus Zeller Commented Nov 19, 2024 at 18:02
  • "and I set the cookie in the response after signing in" - how exactly is that request made from the client side? And does the Set-Cookie header received in the response look as it should? – C3roe Commented Nov 21, 2024 at 6:50
  • No, I singled out the problem. Express never sends the "domain" attribute, even when specified, so the domain defaults back to the origin domain – m__ Commented Nov 21, 2024 at 9:52

1 Answer

Okay, so I fixed the issue and realized where it stems from. In Express the "domain" attribute will get filtered because for some reason Express doesn't like sending it. So to ensure it does get sent, you have to:

  1. In your index.js file set app.set('trust proxy', true)

  2. In your index.js file set

app.use((req, res, next) => {
  req.domain = req.headers.host;
  next();
});

This way the cookie's domain attribute gets set to the intended URL.
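
The check C3roe's comment asks for (what the Set-Cookie header looks like, and which hosts it then applies to), as an added example that is not part of the original question or answer: it applies the RFC 6265 domain-match rule to constructed Set-Cookie values. The function names are hypothetical, and public-suffix and IP-address handling are left out.

```javascript
// Added example: which hosts does a browser send a cookie to (RFC 6265, 5.1.3 and 5.3)?
// The Set-Cookie values at the bottom are constructed sample input.

// Parse one Set-Cookie header value into name, value and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const a of attrs) {
    if (!a) continue;
    const i = a.indexOf('=');
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// RFC 6265 domain-match: identical, or requestHost ends with "." + cookieDomain.
function domainMatch(requestHost, cookieDomain) {
  const h = requestHost.toLowerCase();
  const d = cookieDomain.toLowerCase();
  return h === d || h.endsWith('.' + d);
}

// True if a browser that received `header` from `setterHost`
// would attach the cookie to a request for `requestHost`.
function cookieSentTo(header, setterHost, requestHost) {
  const { attrs } = parseSetCookie(header);
  // A leading dot in Domain is ignored by the browser.
  const domain = typeof attrs.domain === 'string' ? attrs.domain.replace(/^\./, '') : '';
  if (!domain) {
    // No Domain attribute: host-only cookie, sent only to the exact host that set it.
    return requestHost.toLowerCase() === setterHost.toLowerCase();
  }
  // A server may only set a Domain that domain-matches its own host.
  if (!domainMatch(setterHost, domain)) return false;
  return domainMatch(requestHost, domain);
}

const withDomain = 'Token=abc; Domain=.talopakettiin.fi; Path=/; HttpOnly; Secure; SameSite=None';
const hostOnly = 'Token=abc; Path=/; HttpOnly; Secure; SameSite=None';
const apiHost = 'api.talopakettiin.fi';

console.log(cookieSentTo(withDomain, apiHost, 'talopakettiin.fi'));   // true
console.log(cookieSentTo(hostOnly, apiHost, 'talopakettiin.fi'));     // false
console.log(cookieSentTo(hostOnly, apiHost, 'api.talopakettiin.fi')); // true
```

Since the cookie is HttpOnly, the response's Set-Cookie header in the browser's network tab is the place to read the value that goes into `header`.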
