1

I'm trying to implement authentication with ExpressJS' cookie sessions and AngularJS. The problem is that even I can get ExpressJS to send session cookies, Angular won't send them with subsequent requests.

I'm running backend server at 192.168.1.2:3000 and yeoman server at 192.168.1.2:3501 so is there a cross-domain issue here? I already did the normal CORS stuff with ExpressJS in order to get $http working correctly but I'm not sure how to get the cookies working.

Improve this question
2
  • Check if the port number is included in the domain part of the cookie. I assume it is, in which case you won't be able to read the cookie created on one server on the other. CORS is just for Javascript as far as I know, but I may be wrong there. But why do you need two webservers running on the same machine? I mean, what's the Yeoman server for when you have the real back-end? Commented Jan 14, 2013 at 20:43
  • I'm just bootstrapping the whole thing together at the moment. In the future backend will run under different subdomain so problem should be solved with .foo.com as domain in cookies. Interesting enough it seems that port SHOULDN'T be an issue when it comes to cookies but sure looks like it. I tested this with Firefox 18 and newest Chromium. Commented Jan 15, 2013 at 4:06

2 Answers 2

Reset to default
1

Have you checked that your request is sent with the withCredentialsflag set to true?

In angular, this can be done by in the HTTP request configuration object, e.g

//...
$http.get(myUrl, {withCredentials: true})
//...

Or if you don't want to reconfigure it all the time, using $httpProvider:

myApp.config(['$httpProvider', function ($httpProvider) {
  $httpProvider.defaults.withCredentials = true;
}]);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

to get cookies working in angularJS you could follow this link

I maintain session variable in the backend (expressJS) and return it to the $cookies object in the frontend(angularJS).

So When i logout, it would delete the cookie in angularJS and the session variable in the backend.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.