I have two node.js (express) apps running on two different ports. One is running on localhost:3000 and the other is running at localhost:4000. The app on port 3000 has the following cookie configuration:
app.use(express.cookieParser())
app.use(express.session({
key: settings.session.key,
secret: settings.session.secret,
cookie: settings.session.cookie,
fingerprint: function () { return '' },
store: new MemoryStore()
}))
And the other app (on port 4000) has:
app.use(express.cookieParser())
app.use(express.session({
key: settings.session.key,
secret: settings.session.secret,
cookie: settings.session.cookie,
fingerprint: function() { return '' },
store: new MongoSessionStore({ db: db })
}))
They are both using the same session configuration object (only difference is one is being stored in MongoDB while the other is in-memory.
I set a cookie like so on localhost:3000:
res.cookie('mycookie', 'bar', { domain: 'localhost:4000' })
And I then POST (with jquery.ajax) to a route on localhost:4000, and the cookie mycookie is not present.
Note: I have CORS setup on localhost:4000 to accept the origin localhost:3000, and when I post with Jquery I use xhrFields: { withCredentials: true }.
So my question is, how to configure the apps correctly to set cookies to one another? :)
I have two node.js (express) apps running on two different ports. One is running on localhost:3000 and the other is running at localhost:4000. The app on port 3000 has the following cookie configuration:
app.use(express.cookieParser())
app.use(express.session({
key: settings.session.key,
secret: settings.session.secret,
cookie: settings.session.cookie,
fingerprint: function () { return '' },
store: new MemoryStore()
}))
And the other app (on port 4000) has:
app.use(express.cookieParser())
app.use(express.session({
key: settings.session.key,
secret: settings.session.secret,
cookie: settings.session.cookie,
fingerprint: function() { return '' },
store: new MongoSessionStore({ db: db })
}))
They are both using the same session configuration object (only difference is one is being stored in MongoDB while the other is in-memory.
I set a cookie like so on localhost:3000:
res.cookie('mycookie', 'bar', { domain: 'localhost:4000' })
And I then POST (with jquery.ajax) to a route on localhost:4000, and the cookie mycookie is not present.
Note: I have CORS setup on localhost:4000 to accept the origin localhost:3000, and when I post with Jquery I use xhrFields: { withCredentials: true }.
So my question is, how to configure the apps correctly to set cookies to one another? :)
Share Improve this question asked Sep 11, 2013 at 18:54 teztez 5746 silver badges13 bronze badges 2- What happens if you use the same mongo session store for both sites? – Josh C. Commented Sep 11, 2013 at 19:14
- @JoshC. it results in shared sessions between the two apps. – tez Commented Sep 13, 2013 at 20:04
1 Answer
Reset to default 3I suggest that you share your session store between both apps.
Edit: Just to clarify you can't set cookies from one domain to another. So domainA can't set a cookie for domainB - you must get domainB to set the cookie (eg. by visiting domainB). Using your current config you should be able to read the cookies as expected.
Originally, I thought you wanted to share state between two apps via cookies which is why I suggested sharing the session store between the apps.