httpOnly cookie in react-native for JWT refresh-token

About

Asked 6/3, 2020 at 19:36 Answered 6/3, 2020 at 19:36

react-native jwt access-token refresh-token cookie-httponly

I have an express-node server . I send JWT access token in response and also a JWT refresh token via httpOnly cookie only . When using it in browser, that refresh token is automatically sent with every subsequent request.

But when I tried to use that in react native project , the httpOnly cookie is not saved automatically in the app , nor the server get any cookie with api request . I think there is no place where httpOnly cookie can be saved in react-native. Some advice me to save it in AsyncStorage , but as it is httpOnly cookie , I can not read it by javascript, so can not save it to any place.

Do react native do not save or handle http-only cookie ??

Acarology answered 6/3, 2020 at 19:36 Comment(4)

do you find a solution ? thankx – Saccharin 9/6, 2020 at 15:30

yes and no. let me clarify. react-native can not handle httpOnly cookie. so what you can do you should not send the httpOnly cookie but general cookie. now if you have a web application and a react native application . you have to make 2 different API endpoints for both. for the web application: you will send httpOnly cookie for react-native application: you will send a general non-httpOnly cookie if you found any better solution, please let me know. – Acarology 23/7, 2020 at 16:39

3 years later what approach did you go With ? – Polacca 21/1, 2023 at 22:33

I used 2 different type of token for web based and mobile based auth. for mobile based auth only one JWT with long lived expiry (no Refresh token). and saving that in mobile device itself by react-native-keychain. – Acarology 27/1, 2023 at 23:43

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags