PricingDocsAcademy
Bluesky ...
Wed, Dec 11, 10:31 PM

Session authentication not saving in cookies

  • /attachments/1305587692813156484/1305587693228523622/image.png

    speedy.lizard

    1 month ago

    My workflow: I'm leveraging basic authentication with Xano as my backend, having users login with email & password, then setting session cookies to the access token, and calling another API to get user information based on the authenticated user's token.

    The problem: Everything was working properly until I migrated the 'Get User' API to the new UI, and now my bearer tokens don't seem to be saving (I'm unable to authenticate the user on the new page I redirect to). I can still see the access token saving when I call the login API (see screenshot), and I've downloaded the browser extension.

    Any tips on troubleshooting? Thank you!!
    image.png
    image.png
  • speedy.lizard

    15 days ago

    Team toddle Still running into this issue – do you have any suggestions, or would someone be able to help me debug what changed with the new UI configuration? Thank you!!
  • Stockton

    15 days ago

    Is it proxied?
  • speedy.lizard

    15 days ago

    How do I know if it's proxied? Still learning!
  • Lucas G

    15 days ago

    Advanced tab
  • Tom Ireland

    15 days ago

    I don't know if it's necessary, but it would be worth setting the expiry when setting the session cookie. I think 86400 is the default for Xano when creating an auth token unless you set it to something different. iirc, you have to set the session cookie expiry for Xano - it's only Supabase that you don't need to set it for. That's a vague distant memory of a question asked before so might have changed. It also has to be a number and you're showing an empty string displayed.

    As Stockton and Lucas mentioned, navigate to the 'Advanced' tab and see if 'Proxy request' is disabled/enabled.

    Also, are you logging in via Preview first before refreshing the editor? You will need to do this (as well as have the extension installed) to be authenticated in the editor. You probably already know this but just double-checking.

    Can you also confirm what response you're getting back from the API? It would be good to see the result. I'm using Xano for auth and other things, so might be able to provide some pointers. πŸ‘
  • /attachments/1305587692813156484/1310962115028324402/image.png

    speedy.lizard

    15 days ago

    It is proxied! Attaching a screenshot of the advanced tab. I've also explicitly set the expiry to 86400, and I'm logging in via Preview before refreshing the editor, which does seem to give me access to the cookies from the same page, but not from the other pages in my app besides the login page. I'm getting an error 401 (invalid token). Thank you both so much for the help!!
    image.png
    image.png
    image.png
  • Tom Ireland

    15 days ago

    Okay, so 'Invalid token' is exactly that - it means that the auth token provided is either invalid or has not been provided.
  • Do you see anything in the cookie panel in the editor?
  • speedy.lizard

    15 days ago

    In trying to record my workflow to share here, I discovered that I hadn't proxied the API across all my pages! It wasn't proxied on the main one I was testing from, so toggling that to enabled fixed my issue! πŸ™‚ Is that something you always need to do with Xano now?
    πŸ™Œ1
  • Erik Beuschau

    15 days ago

    Whenever you work with cookies you will need to proxy your API requests. Otherwise your same-site cookie is not sent to your back-end.
    πŸ‘1
    πŸ’ͺ1
  • speedy.lizard

    15 days ago

    Great to know, thank you everyone so much for the help!!

Stop scrolling. Start building.

toddle is a visual web app builder that rivals custom code β€” but accessible to your entire team!

Try toddle β€” it's free!

Β© Copyright 2024 toddle. All rights reserved.