HttpOnly not working - Githubissues

bezkoder / angular-17-jwt-auth

Angular 17 JWT Authentication example - Token Based Authentication & Role Based Authorization example with HttpOnly Cookie and Rest API

54 stars 30 forks source link

HttpOnly not working #1

Open naviinbharathy opened 8 months ago

naviinbharathy commented 8 months ago

I have followed your spring boot 3 and angular 17 JWT tutorial. Everything is working fine except JWT.

I am able login, and refresh token is created
I am able to see httpOnly cookie in my frontend response
but for subsequent requests token is not being sent to backend
backend it shows "AnonymousUser"

tienbku commented 8 months ago

Hi, before running the backend server, you need to add minor configuration:

/* In AuthController.java */
// @CrossOrigin(origins = "*", maxAge = 3600)
@CrossOrigin(origins = "http://localhost:8081", maxAge = 3600, allowCredentials="true")

/* In TestController.java */
// @CrossOrigin(origins = "*", maxAge = 3600)
@CrossOrigin(origins = "http://localhost:8081", maxAge = 3600, allowCredentials="true")