can't get cookies from client

firebase / functions-samples

Collection of sample apps showcasing popular use cases using Cloud Functions for Firebase

https://firebase.google.com/docs/functions

Apache License 2.0

12.04k stars 3.83k forks source link

can't get cookies from client #187

Closed sagivo closed 7 years ago

sagivo commented 7 years ago

i followed the sample of authorized-https-endpoint and only added console.log to print the req.cookies, the problem is the cookies are always empty {} I set the cookies using clinet JS calls and they do save but from some reason, I can't get them on the server side.

here is the full code of index.js, it's exactly the same as the sample:

'use strict';

const functions = require('firebase-functions');
const admin = require('firebase-admin');
admin.initializeApp(functions.config().firebase);
const express = require('express');
const cookieParser = require('cookie-parser')();
const cors = require('cors')({origin: true});
const app = express();

const validateFirebaseIdToken = (req, res, next) => {
  console.log(req.cookies); //// <----- issue this is empty {} why?? 
  next();
};

app.use(cors);
app.use(cookieParser);
app.use(validateFirebaseIdToken);
app.get('/hello', (req, res) => {
  res.send(`Hello!!`);
});

exports.app = functions.https.onRequest(app);

sagivo commented 7 years ago

even test with simple curl will return empty cookies - curl http://FUNCTION_URL/hello --cookie "LastName=Doe;FirstName=John"

sagivo commented 7 years ago

update: looks like only cookie name __session will be saved. store cookie:
curl http://FUNCTION_URL/hello --cookie "__session=bar" // req.cookies = {__session: bar}

doesn't store:
curl http://FUNCTION_URL/hello --cookie "foo=bar" // req.cookies = {}

sagivo commented 7 years ago

according to here it's by design. i think it's wrong design but at least answered my question. closing.

paolomainardi commented 7 years ago

@sagivo how do you store the cookie for the cloud function domain using a js client ?

sagivo commented 7 years ago

@paolomainardi not sure I understand. you can store cookies with JS regular way. if you want Firebase Function to read it it has to be called __session.

paolomainardi commented 7 years ago

@sagivo thanks for the reply! I am talking about a scenario where the client app and the cloud functions live in different domains, let's say an angular application consuming cloud functions.

qnxdev commented 3 years ago

GCF is a headache. Go for any other solution

CodeKiwi commented 1 year ago

WOW I am lost for words... This means functions can't be used for OAuth.

Rizzist commented 3 months ago

update: looks like only cookie name __session will be saved. store cookie: curl http://FUNCTION_URL/hello --cookie "__session=bar" // req.cookies = {__session: bar}

doesn't store: curl http://FUNCTION_URL/hello --cookie "foo=bar" // req.cookies = {}

Even this doesnt work I cannot even store in __session cookie. its always empty. Stack: -NextJS + Firebase App Hosting Issue Location:

SSR Page w/ getServerSideProps