vasansr / pro-mern-stack-2

Code listing for the book Pro MERN Stack, 2nd Edition
https://www.apress.com/book/9781484243909

Chapter - 15 Google Authentication Persistence #32

Closed siricoa94 closed 3 years ago

siricoa94 commented 4 years ago

On refreshing the page, I lose persistence of my authentication. I believe it could possibly be due to a new update, "https://reactjs.org/docs/legacy-context.html", although I am not sure. All I do know is that my super(props) has a strikethrough through the super. My code is uploaded to GitHub, and below I included a link to my UI repo.

UI repo - https://github.com/siricoa94/tracker-ui

P.S. I forgot to mention, I just completed the "Proxy Mode" section of chapter 15 just as a point of reference. Also, the application seems to work just fine when I run it locally on my machine. This is only an issue on Heroku so far.

itstanany commented 3 years ago

@siricoa94 the problem with cookies in the "Proxy Mode" section is the "domain" property of

    res.cookie('jwt', token, { httpOnly: true, domain: process.env.COOKIE_DOMAIN });

COOKIE_DOMAIN is set to "herokuapp.com", and "herokuapp.com" is listed in the "Public Suffix" list:

    // Heroku : https://www.heroku.com/
    // Submitted by Tom Maher tmaher@heroku.com
    herokuapp.com
    herokussl.com

So, browsers block setting cookies to any domain in the Public Suffix List.

siricoa94 commented 3 years ago

Thank you for your response, I am not too familiar with this subject. Would you know more on how browsers block setting cookies to any domain in the Public Suffix List? I did read over "https://devcenter.heroku.com/articles/cookies-and-herokuapp-com", but still seem to be a little lost on the matter.

itstanany commented 3 years ago

A "public suffix" is one under which Internet users can directly register names. Some examples of public suffixes are ".com", ".co.uk" and "pvt.k12.ma.us". So, any subdomains registered on those top-level-domains can't set domains on higher level domains.

Example:
Top-Level-Domain: .com => registered in Public Suffix List
Sub-Domain: .example in example.com
Sub-Sub-Domain: foo.example.com

In this case, the .foo subdomain can set cookies on .example, BUT .example can't set cookies on .com because .com is registered in the Public Suffix List.

In our case, when we register subdomains on .herokuapp, we can't set cookies on .herokuapp because .herokuapp is listed in the Public Suffix List.

You can also read Wikipedia article: https://en.wikipedia.org/wiki/Public_Suffix_List
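
The rule discussed in the comments above, as an added example that is not part of the original thread or the book's code: it models how a browser treats the Domain attribute of a Set-Cookie header and builds `res.cookie()` options that drop `domain` when it would be refused. `PSL_EXCERPT`, the function names and the fallback to a host-only cookie are assumptions made for illustration; the real Public Suffix List also contains wildcard and exception rules that this sketch does not handle.

```javascript
// Added example. PSL_EXCERPT is a constructed, exact-match subset of the
// Public Suffix List, using the suffixes named in this thread.
const PSL_EXCERPT = new Set(['com', 'co.uk', 'pvt.k12.ma.us', 'herokuapp.com', 'herokussl.com']);

// Lowercase and drop one leading dot, as browsers do with the Domain attribute.
function canonical(name) {
  return String(name || '').trim().toLowerCase().replace(/^\./, '');
}

function isPublicSuffix(domain) {
  return PSL_EXCERPT.has(canonical(domain));
}

// RFC 6265 domain-match: identical, or the host ends with "." + domain.
function domainMatches(host, domain) {
  const h = canonical(host);
  const d = canonical(domain);
  return h === d || h.endsWith('.' + d);
}

// What a browser does with "Set-Cookie: ...; Domain=<domainAttr>" sent by
// requestHost. Returns 'host-only', 'domain' or 'rejected'.
function cookieDomainDecision(requestHost, domainAttr) {
  const d = canonical(domainAttr);
  if (d === '') return 'host-only'; // no Domain attribute at all
  if (isPublicSuffix(d)) {
    // A public suffix is tolerated only when it is the request host itself,
    // and even then the cookie becomes host-only.
    return canonical(requestHost) === d ? 'host-only' : 'rejected';
  }
  return domainMatches(requestHost, d) ? 'domain' : 'rejected';
}

// Options for res.cookie('jwt', token, ...): keep `domain` only when a browser
// would honor it; otherwise fall back to a host-only cookie (assumption: the
// browser talks to a single host, as in the proxy setup).
function jwtCookieOptions(requestHost, cookieDomain) {
  const options = { httpOnly: true };
  if (cookieDomainDecision(requestHost, cookieDomain) === 'domain') {
    options.domain = canonical(cookieDomain);
  }
  return options;
}
```

With a constructed host such as `my-ui.herokuapp.com` and `COOKIE_DOMAIN=herokuapp.com`, the decision is `rejected`, which matches the symptom in the issue: the `jwt` cookie is never stored, so the login is gone after a refresh.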

siricoa94 commented 3 years ago

Thank you very much, I have solved my issue and now understand how top-level-domains and sub-domains work to some degree and would have still been lost without your help.