How to set a cookie with Gin JWT middleware

Question

I believe I successfully implemented the JWT middleware for Gin Gonic by following the example in the readme.

It is my understanding that upon retrieving an access token, I should also retrieve a refresh token that is being stored in a http only cookie.

There is an option for this:

SendCookie:       true,
SecureCookie:     false, //non HTTPS dev environments
CookieHTTPOnly:   true,  // JS can't modify

So I was under the impression that after logging in (and thereby getting the access token), a cookie with the refresh token is stored simultaneously. It appears if this is not the case, because I can't see any cookie in the browser's dev tools. What am I missing here?

score 1 · Answer 1 · answered Jan 01 '20 at 21:06

It was actually set, one can check when looking at the response in the network tab of the browser's developer tools.

I could, however, not see it in the cookies section (dev tools > application) because it had the wrong domain. Apparently there is a bug in the middleware that causes troubles when the domain is set to localhost with a specific port.

How to set a cookie with Gin JWT middleware

1 Answers1