Frontend:
<code>import axios from "axios";
import { useContext, useRef } from "react";
import { useNavigate } from "react-router-dom";
import { BlogsUserStore } from "../store/blogs-user-store";
const Signin = () => {
const oldEmail = useRef("");
const oldPassword = useRef("");
const navigate = useNavigate();
const { setUser, notifySuccess, notifyError, api } =
useContext(BlogsUserStore);
console.log(api);
const handleSubmit = async (event) => {
event.preventDefault();
const email = oldEmail.current.value;
const password = oldPassword.current.value;
try {
const response = await axios.post(
`${api}/api/user/signin`,
{
email,
password,
},
{
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
},
{
withCredentials: true,
}
);
console.log(response.data);
setUser([]);
notifySuccess("Login Successful");
navigate("/");
} catch (error) {
console.error("Error signing in:", error);
if (error.response && error.response.status === 401) {
notifyError(error.response.data.message);
} else {
notifyError("Incorrect Password");
}
}
};
return (
<>
<div className="container mt-4">
<form onSubmit={handleSubmit}>
<div className="mb-3">
<label htmlFor="email" className="form-label">
Email address
</label>
<input
type="email"
className="form-control"
name="email"
id="email"
ref={oldEmail}
aria-describedby="emailHelp"
/>
<div id="emailHelp" className="form-text">
We'll never share your email with anyone else.
</div>
</div>
<div className="mb-3">
<label htmlFor="password" className="form-label">
Password
</label>
<input
type="password"
className="form-control"
name="password"
id="password"
ref={oldPassword}
/>
</div>
<button type="submit" className="btn btn-primary">
Submit
</button>
</form>
</div>
</>
);
};
export default Signin;
</code>
<code>import axios from "axios";
import { useContext, useRef } from "react";
import { useNavigate } from "react-router-dom";
import { BlogsUserStore } from "../store/blogs-user-store";
const Signin = () => {
const oldEmail = useRef("");
const oldPassword = useRef("");
const navigate = useNavigate();
const { setUser, notifySuccess, notifyError, api } =
useContext(BlogsUserStore);
console.log(api);
const handleSubmit = async (event) => {
event.preventDefault();
const email = oldEmail.current.value;
const password = oldPassword.current.value;
try {
const response = await axios.post(
`${api}/api/user/signin`,
{
email,
password,
},
{
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
},
{
withCredentials: true,
}
);
console.log(response.data);
setUser([]);
notifySuccess("Login Successful");
navigate("/");
} catch (error) {
console.error("Error signing in:", error);
if (error.response && error.response.status === 401) {
notifyError(error.response.data.message);
} else {
notifyError("Incorrect Password");
}
}
};
return (
<>
<div className="container mt-4">
<form onSubmit={handleSubmit}>
<div className="mb-3">
<label htmlFor="email" className="form-label">
Email address
</label>
<input
type="email"
className="form-control"
name="email"
id="email"
ref={oldEmail}
aria-describedby="emailHelp"
/>
<div id="emailHelp" className="form-text">
We'll never share your email with anyone else.
</div>
</div>
<div className="mb-3">
<label htmlFor="password" className="form-label">
Password
</label>
<input
type="password"
className="form-control"
name="password"
id="password"
ref={oldPassword}
/>
</div>
<button type="submit" className="btn btn-primary">
Submit
</button>
</form>
</div>
</>
);
};
export default Signin;
</code>
import axios from "axios";
import { useContext, useRef } from "react";
import { useNavigate } from "react-router-dom";
import { BlogsUserStore } from "../store/blogs-user-store";
const Signin = () => {
const oldEmail = useRef("");
const oldPassword = useRef("");
const navigate = useNavigate();
const { setUser, notifySuccess, notifyError, api } =
useContext(BlogsUserStore);
console.log(api);
const handleSubmit = async (event) => {
event.preventDefault();
const email = oldEmail.current.value;
const password = oldPassword.current.value;
try {
const response = await axios.post(
`${api}/api/user/signin`,
{
email,
password,
},
{
"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
},
{
withCredentials: true,
}
);
console.log(response.data);
setUser([]);
notifySuccess("Login Successful");
navigate("/");
} catch (error) {
console.error("Error signing in:", error);
if (error.response && error.response.status === 401) {
notifyError(error.response.data.message);
} else {
notifyError("Incorrect Password");
}
}
};
return (
<>
<div className="container mt-4">
<form onSubmit={handleSubmit}>
<div className="mb-3">
<label htmlFor="email" className="form-label">
Email address
</label>
<input
type="email"
className="form-control"
name="email"
id="email"
ref={oldEmail}
aria-describedby="emailHelp"
/>
<div id="emailHelp" className="form-text">
We'll never share your email with anyone else.
</div>
</div>
<div className="mb-3">
<label htmlFor="password" className="form-label">
Password
</label>
<input
type="password"
className="form-control"
name="password"
id="password"
ref={oldPassword}
/>
</div>
<button type="submit" className="btn btn-primary">
Submit
</button>
</form>
</div>
</>
);
};
export default Signin;
Backend
<code>router.post(
"/signin",
checkForAuthenticationCookie("token", "home"),
async (req, res) => {
// console.log("Aagyee");
try {
const { email, password } = req.body;
const token = await User.matchPasswordAndGenerateToken(
email,
password
);
// console.log(token);
res.cookie("token", token, {
httpOnly: true, // Helps prevent XSS attacks
maxAge: 24 * 60 * 60 * 1000,
secure: process.env.NODE_ENV === "production", // Ensure cookies are sent over HTTPS
sameSite:
process.env.NODE_ENV === "production" ? "None" : "Lax",
});
console.log(process.env);
res.status(200).json({ message: "Signin successful" });
} catch (error) {
console.error("Error during sign-in:", error);
if (
error.message === "User not found" ||
error.message === "Incorrect password"
) {
res.status(401).json({ message: error.message });
} else {
res.status(500).json({ message: "Internal Server Error" });
}
}
}
);
</code>
<code>router.post(
"/signin",
checkForAuthenticationCookie("token", "home"),
async (req, res) => {
// console.log("Aagyee");
try {
const { email, password } = req.body;
const token = await User.matchPasswordAndGenerateToken(
email,
password
);
// console.log(token);
res.cookie("token", token, {
httpOnly: true, // Helps prevent XSS attacks
maxAge: 24 * 60 * 60 * 1000,
secure: process.env.NODE_ENV === "production", // Ensure cookies are sent over HTTPS
sameSite:
process.env.NODE_ENV === "production" ? "None" : "Lax",
});
console.log(process.env);
res.status(200).json({ message: "Signin successful" });
} catch (error) {
console.error("Error during sign-in:", error);
if (
error.message === "User not found" ||
error.message === "Incorrect password"
) {
res.status(401).json({ message: error.message });
} else {
res.status(500).json({ message: "Internal Server Error" });
}
}
}
);
</code>
router.post(
"/signin",
checkForAuthenticationCookie("token", "home"),
async (req, res) => {
// console.log("Aagyee");
try {
const { email, password } = req.body;
const token = await User.matchPasswordAndGenerateToken(
email,
password
);
// console.log(token);
res.cookie("token", token, {
httpOnly: true, // Helps prevent XSS attacks
maxAge: 24 * 60 * 60 * 1000,
secure: process.env.NODE_ENV === "production", // Ensure cookies are sent over HTTPS
sameSite:
process.env.NODE_ENV === "production" ? "None" : "Lax",
});
console.log(process.env);
res.status(200).json({ message: "Signin successful" });
} catch (error) {
console.error("Error during sign-in:", error);
if (
error.message === "User not found" ||
error.message === "Incorrect password"
) {
res.status(401).json({ message: error.message });
} else {
res.status(500).json({ message: "Internal Server Error" });
}
}
}
);
I am using this in my React. Whenever i signin it doesn’t save my cookie to my client-side browser, i have used postman and it’s correctly sending me cookie but when i am deploying in netlify it doesn’t. The main problem i am getting is cookie is not getting saved in my browser
I have used withCredentials and samesite, secure logics. And it has been sending my data into postman but not getting saved browser so that i can use it for storing data
New contributor
Naman Soni is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.