I have a website (child) within another website (parent). The child website presents a login page initially which uses passport.js for authentication. The issue I am facing is that the parent does not store the cookies from the login and whenever I refresh the parent website, it takes me back to the child login page.
I do not have this issue in firefox but am experiencing it in chrome and microsoft edge.
From my research, I have tried these configurations for session parser but to no avail. (sameSite: 'none' / false, secure: true)
sessionParser.js
...
function setupSession(isSecure) {
let store = new MemoryStore({ checkPeriod: 86400000 });
let sessionConfig = {
name: 'sid',
secret: SESSION_SECRET,
store,
resave: false,
saveUninitialized: false,
proxy: true,
cookie: {
secure: true,
sameSite: 'none',// also tried false but still does not work
httpOnly: true,
maxAge: 1000 * 60 * 60 * 24 * 30,
}
};
return session(sessionConfig);
}
app.js
...
let app = express();
...
app.enable('trust proxy');
...
app.use(sessionParser);
...
What am I doing wrong? (using node v18.16.1, express v4.18.2)