Create a cookie on a subdomain that is accessible by all other subdomains

I have been working on a NextJS project that involves multiple apps on separate subdomains. My objective is to enable single sign-on so that when I log in to one app, I am automatically signed in to all the others. We are utilizing nookies as our cookie handler and creating a cookie with a JWT token payload received from an API. Despite trying to manually set the cookie domain, it did not result in the cookie being set on the main domain as expected.

Here are the steps I have taken:

setCookie(
    null,
    "token",
    `JWT ${data.tokenAuth.token}`,
    {
        maxAge: 29 * 24 * 60 * 60,
        path: "/",
        domain: process.env.NEXT_PUBLIC_COOKIE_DOMAIN,
    }
);

I attempted setting NEXT_PUBLIC_COOKIE_DOMAIN to both "example.com" and ".example.com", but neither approach successfully set the cookie on the main domain; it was always assigned to the current subdomain instead. I also considered placing the login page under "example.com/login" to see if this would help set the cookie on the main domain for universal access, but I prefer finding a solution without resorting to this method. Having reviewed RFC 6265, my understanding is that setting cookies only works from the main domain, yet the tracking mechanism we are using somehow manages to assign “.example.com” for its cookies. What could I be overlooking? Thank you in advance for any insights provided.

javascriptnext.jscookiessubdomain

Answer №1

For effective cross-subdomain cookie sharing, it is important to ensure that cookies are shared across subdomains by setting the domain attribute with a leading dot (e.g., ".example.com"). It is recommended to avoid using SameSite: Strict for cross-site requests and instead consider using None with caution. Secure cookies play a vital role in HTTPS sites, so make sure to set the path attribute to "/" for domain-wide access. Verify that the environment variable NEXT_PUBLIC_COOKIE_DOMAIN is configured correctly and test your setup using browser tools to confirm the correct domain and attributes of the cookie.

If you are looking for an example on how to set a cookie using nookies, here is a sample code snippet:

import { setCookie } from "nookies";

// Set cookie with domain and other attributes
setCookie(null, "token", `JWT ${data.tokenAuth.token}`, {
  maxAge: 29 * 24 * 60 * 60, // 29 days
  path: "/",
  domain: process.env.NEXT_PUBLIC_COOKIE_DOMAIN, // Should be ".example.com"
  secure: true, // Set to true if served over HTTPS
  sameSite: "None", // If necessary for your use case
});

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Is it possible to turn off security features for a Heroku Postgres database?

My project doesn't involve sensitive data, so I'm not concerned about security vulnerabilities. I believe the issue lies in the connection between the App/server and the DB. I've searched on Youtube and Google for solutions, but the informa ...

javascriptpostgresqlexpressherokuheroku-cli

Having trouble with charts not appearing on your Django website?

I am working on a Django project where I need to integrate bar-charts using Django-nvd3. Although I have successfully displayed the bar-charts in separate projects, I am facing an issue with integrating them into my current project. Below is the code snipp ...

javascriptpythonhtmldjangonvd3.js

The search function in Select2 is not displaying the desired result

I'm encountering an issue with the search functionality when it uses Ajax to load data from a JSON file. For example, if I search for Yemen, the record for Yemen does not get selected or highlighted properly. Here is the complete source code - could ...

javascriptjsonjquery-select2

What is the best way to retain the leading zeros when creating a new Number() in JavaScript?

Hey everyone, I'm running into some issues with this specific function. const incrementString = str => { if (!str.match(/[\d+]$/)){ return str += 1 } else{ return str.replace(/[\d+]$/, match => new Number(match) + 1) } ...

javascriptregexstring

Working with iFrames through Splinter/Selenium in Python

Just a heads up: I can work with either Selenium or the Splinter API wrapper for Selenium! I've encountered some hurdles while trying to navigate iframes on Twitter.com using the Python Splinter API. For instance, with Browser('firefox', ...

javascriptpythonseleniumiframesplinter

Strategies for creating a dynamic progress bar using jQuery and JavaScript

I'm currently working on a project that involves increasing a percentage number while filling up the background color inside it based on the percentage value. The current setup is functional in terms of animating the background, but I need it to dynam ...

javascripthtmlcssjquery-animate

When certain triggers are activated, a hidden textbox revealed through javascript is made visible

After changing a dropdown value (from ddlSource) and hiding some text boxes using JavaScript, everything works fine. However, when the user enters a certain value in another textbox triggering an AJAX call to populate some labels, upon form reload, the hid ...

javascriptasp.netajax

Creating a simulation of a ReactJS form tag using TestUtils does not activate the `onSubmit` event

When attempting to simulate the onSubmit event on the form tag using Sinon to spy on the method, it appears that the method being spied on is not called at all. For reference, here's a JSFiddle. ...

javascriptreactjs

In the v-bind:Style statement, check the condition

<div> <figure :style="{ 'background': 'url(' + item.main_featured + ') center no-repeat' }"> </div> I need the background style attribute to display a color if the URL fetched from the API is und ...

javascriptvue.jsvuejs2

Changing MySQL Limit arguments into numerical values

I'm encountering an issue with my Rest call to a MySQL database. I'm using a JavaScript object and sending it through a REST GET call with a Java back-end. requestParams: { pageStart: 0, results: 10 } I have configured ...

javascriptmysqlrest

Retrieve the screen width using a JavaScript function and apply it as a percentage

I find myself needing to adjust the size of table elements based on the width of the screen. While I am not well-versed in javascript or html, resolving this issue is crucial. Unfortunately, I did not create the original asp page and have limited ability t ...

javascripthtml

When swiping right with Swiper.js, the slides are jumping by all, skipping the following slide, but the left swipe functions correctly

Here is the code I used for my swiper element: new Swiper("#swiper-pricing", { slidesPerView: 1.3, spaceBetween: 30, centeredSlides: true, loop: true, keyboard: { enabled: true, }, autoplay: { delay: 50 ...

javascripthtmlcssbootstrap-5swiper.js

Transferring data from a stream in NodeJS to FrontEnd using ReactJS

How are you doing? I'm trying to figure out how to send a large data request from PostgreSQL to the FrontEnd in JSON format. Can anyone help with an example of how this can be achieved? Thank you. Here is my code: const express = require('expr ...

javascriptnode.jsjsonreactjsstream

Can the root directory of a node module be customized or specified?

When publishing a node module with source files in a src directory, users typically need to specify the full path from the module when importing a file into their project. For example: Directory Structure: my-module --src ----index.js ----something-else ...

javascriptnode.jsnpm

Incorporating JSON Objects within AngularJS

Currently, I am using AngularJS to fetch JSON data like this: $http.get('/balance').then(function (response) { $scope.balance = response.data; }); The value of response.data is as follows: { "pending": [{ "amount": 16, "currency": ...

javascriptjsonangularjshttpvariables

Tips for displaying multiple results from a MySQL query in a single .ejs file using Node.js and Express

Currently diving into Node.js and working on a web application, I am faced with the challenge of rendering twice in the same .ejs file. Consider the scenario presented in the following .ejs file: <table> <% rows.forEach(function(ind){ %> /* m ...

javascripthtmlnode.jsexpressejs

Interacting with wpdb using AngularJS

I just started learning AngularJS and I'm eager to implement it on my WordPress website. My goal is to display a table with data from a database in my WordPress site, but I am encountering difficulties accessing the WordPress functions and variables. ...

javascriptphpangularjswordpress

Utilize a variable within the res.writeHeads() method in Node.js

Greetings all. I have encountered an issue that I need help with: Currently, I am using this block of code: res.writeHead(200, { "Content-Length": template["stylecss"].length, "Connection": "Close", "X-XSS-Protection": "1; mode=block", "S ...

javascriptnode.jsvariablesobjecthyperlink

How can we create lists using parentheses specifically with Javascript or jQuery?

I am looking to create a formatted list using <ol> and <ul> tags with parentheses included. (1) List1 (2) List2 (3) List3 (4) List4 The challenge is to achieve this formatting purely with javascript or jQuery, without relying on any external ...

javascriptjqueryhtmlcss

Retrieve data from an API and store it in a JSON array

My website is having an issue where it's fetching data from an API and displaying it in a table, but all the cells are returning undefined values. The data in the API is structured as an array with multiple datasets inside curly braces that I am unsu ...

javascripthtmljsonapi