So i use actix web on the backend and svelte on the frontend
This sends the cookie to the frontend
let cookie = auth_authority.create_signed_cookie(UserClaims {
id: o.id,
role: Role::User,
})?;
info!("Logged in user");
info!("{}", cookie);
Ok(HttpResponse::Ok()
.cookie(cookie)
.json("You are now logged in"))
And this is the CORS config:
let cors = Cors::default()
.allowed_origin("http://localhost:3000")
.allowed_methods(vec!["POST", "GET"])
.allowed_headers(vec![
header::AUTHORIZATION,
header::CONTENT_TYPE,
])
.expose_any_header()
.supports_credentials()
.max_age(3600);
And this is the function that fetches the data for svelte:
const resp = await fetch("http://0.0.0.0:4000/login", {
method: "POST",
mode: 'cors',
credentials: 'include',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(
{
username,
password,
}
)
})
I do not recieve the Set-Cookie header when using a web browser but when i use curl i do(Most likely caused by CORS). I can send other headers that i create but i cannot send Set-Cookie no matter what. I used the .supports_credentials() method to allow cookies but that did nothing.
Can someone guide me into a direction to solve this or does someone know how to solve it?
