0

I'm trying to establish a session using AngularJS, as follows:

var login = function (email, pw) {
        $http.post('http://some_api/api/v1/users/sign_in', {'email': email, 'password': pw}
            ).
            success(function (data, status, headers, config) {
                    alert('success');
                    console.log(status, headers());
                    SessionService.isLogged = true,
                    SessionService.name = data.name,
                    SessionService.id = data.id,
                    SessionService.email = email,
                    SessionService.password = pw,
                    SessionService.coverUrl = data.coverUrl,
                    SessionService.imageUrl = data.imageUrl;
                    // TODO Also store venue id associated to user if applicable
                    SessionService.venueId;
                    //TODO route to whatever page we came from in the case that user is being asked to re-authenticate
                    $location.url('/summary');
                }
            ).
            error(function(data, status, headers, config){
                SessionService.destroy();
                alert('login failure');
                }
            );

However, when the request response comes back from the API, I only get the following headers by using the $cookies service:

cache-control: "max-age=0, private, must-revalidate"
content-type: "application/json; charset=utf-8"

However, I know the cookie is sent back from the server because Chrome sends it back in the Developer Tools as a populated Set-Cookie header. I read in another question that AngularJS cannot access the Set-Cookie header because the $http service because the inherent spec of the Javascript functions it calls returns all headers except the Set-Cookie header. Thus, my questions are:

  1. Why are the cookies sent back by the API present in the Developer Tools but do not actually get stored in the browser? (I checked the browser cookies with an extension and there were none present). Aren't any cookies sent back by the API to the browser supposed to be intercepted and stored in the browser's cookie storage? (I also wonder if this has to do with the run-loop in angular...since my pages never reload - they are routed using ngRoute with no extra page loads)

  2. And if the above turns out to be that the Browser will not store cookies received from a javascript/angular request, how would I store the cookies? I've seen use of $cookies.mySession = "cookieContentHere"; but how am I to make use of this if I can't access the Set-Cookie header?

Thanks for all answers in advance!

admdrew
  • 3,790
  • 4
  • 27
  • 39
Luke Chang
  • 149
  • 1
  • 1
  • 9
  • Perhaps these cookies are `HttpOnly`? [Maybe a similar issue as in this post here](http://stackoverflow.com/questions/18814657/angularjs-can-not-read-session-value) – Ross May 05 '14 at 18:21
  • I'll check with my API guy. On another note, is it same to assume that whatever requests that interface through the browser, that set cookies, will do so? – Luke Chang May 05 '14 at 18:45
  • I hope you since have found a solution. With a similar problm I found that not setting the path on the cookie was causing the problem, see http://stackoverflow.com/questions/22432616/why-is-the-browser-not-setting-cookies-after-an-ajax-request-returns – Pierre Henry Oct 27 '16 at 16:26

0 Answers0