Server: Express, MongoDB, Passport, Cookie-Session ( Hosted on some other platform)
Frontend: SPA, React and bootstrap
Both my server and frontend are HTTPS based.
I am using passport google oauth to sign in the user. However, the session cookies is not being sent to backend during a subsequent request.
When I click sign in, I verified that callback URL on server is called, user is authenticated, user serialization and deserialization happens correctly. However, in my react code I reach out to backend server to check if current user is logged in. The backend route expects cookie set on the request in its middleware but no cookie is being sent.
CORS seems fine.
Cookie set with SameSite: None and Secure: True
When I inspect the network tab, I noticed that cookies are filtered out and SameSite attribute is not set to None.
My guess, when I redirect to my homepage, the application tries to reach to backend well before the cookies have been set and hence no cookies are being passed.
Can someone help me figure out this issue?
I have spent lots of time with chatgpt already to figure out the issue and nothing helped.
