Cookie session is destroyed when an Android home screen PWA is killed

Question

I have a PWA with session cookie based Authentication. I set a message for my cookie session for prevent cookies to be destroyed when I close my browser. Everything works fine except when I install my PWA in android home screen. If i log in from my home screen shortcut and then I kill the process of my installed PWA and I reopen it, I have to log in again my session cookie seems to be lost. Why? cookies are destroyed when you kill installed PWA process? Thank you in advance for your help.

sessionConfig = {
    store: new RedisStore({
      host: process.env.REDIS_HOST,
      port: process.env.REDIS_PORT,
      pass: process.env.REDIS_PASSWORD
    }),
    secret: config.SESSION_SECRET,
    name: 'mcdvsid',
    saveUninitialized: false,
    resave: false,
    cookie: { secure: config.COOKIE_SECURE, maxAge: ONE_YEAR }
  };
}
app.use(session(sessionConfig));

score 6 · Answer 1 · answered Feb 08 '20 at 20:40

I had this problem with my own PDA...

My solution was to set maxAge on the cookie explicitly - I believe the default for cookies ties them to the session. Here's the code from my app - I am using react-cookie:

cookies.set('cookie_name', cookieValue, { path: '/', sameSite: 'lax', maxAge: 31536000 })

Cookie session is destroyed when an Android home screen PWA is killed

1 Answers1