I have a request being sent to the server which returns a cookie with the response. As I understand it, the cookie should be handled by the browser automatically (at least with AXIOS)? It seems that it is being stored to some capacity, but for some reason document.cookie does not output it.
Here is what manages the cookie-related routing:
function requirePasscode (to, from, next) {
console.log(document.cookie);
if (document.cookie.indexOf('passcode_cookie') > -1) {
console.log('This should be working');
next(true);
} else {
next ({
path: '/authenticate/' + to.params.id,
query: {
redirect: to.fullPath
}
})
}
}
Here is the code that sends the request:
authenticateUser: function() {
var data = {
'id' : this.$route.params.id,
'passcode' : this.state.password,
};
var that = this;
axios.post('/api/authenticate', data).then(function(response) {
swal('Great!', 'You have been authenticated.', 'success');
that.$router.push('/test/' + that.$route.params.id);
}, function(error) {
swal('Woah!', 'Wrong password, go away.', 'error');
});
}
Here is the request as seen in chrome dev tools:
POST /api/authenticate HTTP/1.1
Host: testing.dev
Connection: keep-alive
Content-Length: 28
Origin: http://testing.dev
X-XSRF-TOKEN: eyJpdiI6IjQxNzZwTkJwOSt1aHJFN1hXWUxXQkE9PSIsInZhbHVlIjoidStZQTlWSlRhYThIXC9YYjFwK1E0bGROaEI3cVRLVGdGTW5YSkxwc0thdk8wYythOUpFRWhseFBpbEV2RU1lZWpQbm4xeUU2RGh5ckhpK1RwUE9nQmhnPT0iLCJtYWMiOiI0NThjZmJkOWJlY2ZhN2M4OGUwNzVlYTIyYzFmMDQxN2VlNDU5NGVmMmUwODFhOTMzMzMyNjE4MzIyNTI4OWY5In0=
X-CSRF-TOKEN: zjafXGptCKWSwHCVFBydBgTL63HnngVRCqLgRLXY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
X-Requested-With: XMLHttpRequest
Referer: http://testing.dev/authenticate/1?redirect=%2Ftest%2F1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Cookie: laravel_token=eyJpdiI6IlVPc2VPYUdkNlM2SG1ZK1VqMFFCUnc9PSIsInZhbHVlIjoiN2FnNjQ0WXBCY2RBcFQ5RUVpZWMxbEl3NkM3ZXZKM0oxd3UrNHpUSlJUR2JXVnpcL0RBMFIrbkZBMVRlMDlEbE94TVp3UmRwMFlBNm1mV05LRnA1WTVzeTBCdlV6M3pmQUNJQjlRdXZhVTdEbzRjXC9DK3VGK2FJVGpTeXBCU1dOd3pGNng1M3c0RXVsSU5mQ3FVR1l4MFl5M0tZXC9tVGcyNDE5RFZpRUhmUk5CNUtqaTE0aFpyMUYxQ09IdnRPelBNSlY0T2RJbW85RDlTUzFWK2Y2TzYyaG5OSnlyaHdJb2FDQVRvRlNjMWVYbkc1TFAwNnZcL1FZM2JPeng0bURsQ0s0cDJZVzBZaktlVXlCd3FpdjRhM1VBPT0iLCJtYWMiOiI4ODZkYjQ0NWZiNzY0N2I0N2Y0ZjBhNWExNzcyMzVmMmNjNDM2NzMyYjI4N2Y4YzczYzRiYjY0NDJjZTE3MDJkIn0%3D; XSRF-TOKEN=eyJpdiI6IjQxNzZwTkJwOSt1aHJFN1hXWUxXQkE9PSIsInZhbHVlIjoidStZQTlWSlRhYThIXC9YYjFwK1E0bGROaEI3cVRLVGdGTW5YSkxwc0thdk8wYythOUpFRWhseFBpbEV2RU1lZWpQbm4xeUU2RGh5ckhpK1RwUE9nQmhnPT0iLCJtYWMiOiI0NThjZmJkOWJlY2ZhN2M4OGUwNzVlYTIyYzFmMDQxN2VlNDU5NGVmMmUwODFhOTMzMzMyNjE4MzIyNTI4OWY5In0%3D; laravel_session=eyJpdiI6IllSTkY5b0NGb0YwWFcyZGYwenJPaXc9PSIsInZhbHVlIjoiUEx5Nm9XRmY5SXArMkY2REFZbDBkdmppd1FZaVVqWGhoc3loblhRYVY2dGg2Q1RKTnIwdU1MZ25WZnlDRWVvNVIzeVdzOFdUcEJSeTk3c0xCbUwrTlE9PSIsIm1hYyI6IjEwMzRkMmYyOGZhZjg5ZGIwMmZlNmY4OTBjMWI2MGVlMWE3OTdhMjRhMGNjNWRkNTBiNWYzNDc2MmMyZmE5MTIifQ%3D%3D
Here is the response returned:
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2017 18:08:35 GMT
Server: Apache/2.4.25 (Win64) OpenSSL/1.0.2k PHP/7.1.5
X-Powered-By: PHP/7.1.5
Cache-Control: no-cache, private
Set-Cookie: passcode_cookie=1337; expires=Tue, 18-Jul-2017 19:48:35 GMT; Max-Age=6000; path=/; HttpOnly
Content-Length: 7
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
It appears that the cookie is being stored:
However, the console.log(document.cookie) returns the following:
XSRF-TOKEN=eyJpdiI6InlvYk9RMkJ4c21zWmtoZ29PMlloNXc9PSIsInZhbHVlIjoiM1VjSDhnRU5PR284cmF0RTNqWEVSY3pcL3R5VFBFNW5GYkljOXVKUG5IMnh1aTM3R0ord2lSeHdLTEVxWndKZVIxeGppcERVSFVzUVwvY3RZQ1J5Zm4zUT09IiwibWFjIjoiYTRlMzc1NjJiMDhmNGEzOGZjYzE4NzkwYjY3ZmUwZjBlMWQwNjZiNGJmZWY3YTUwYzI3MTVkZDcxY2QyYWNjOSJ9
Seems like the XSRF token is the only thing being returned. Any ideas on why this may be happening?
