Why cookies are not set on post request in Angular 5?

A

Alexander Mikhailenko2018-06-08 16:59:43

Angular

Alexander Mikhailenko, 2018-06-08 16:59:43

Good afternoon, I'm doing a project, the API is separate, the front part is separate in angular.
Everything is local.
I do a request from angular, and I get a response via api, but this cookie is not installed in the browser, in the cookie section in dev tools. Although it exists and is sent back. How can I get it into code?
here is a request from the front

const httpOptions = {
            withCredentials: true,
            headers: new HttpHeaders({
                'Content-Type': 'application/json',
            }),
        };


        const login = this.http.post('http://api/dashboard/login', body, httpOptions);

        login.subscribe(
            (response: HttpResponse) => {
                this.doSomething(response);
            }, (err) => {
                console.log('Error: ' + err);
            });

htaccess headers are configured on the server like this

Header set X-Content-Type-Options "nosniff"
  Header set X-XSS-Protection "1; mode=block"
  Header always set Access-Control-Max-Age 1728000
  Header always set Access-Control-Allow-Origin: "http://localhost:4200"
  Header always set Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
  Header always set Access-Control-Allow-Headers: "Content-Type, Range, Origin, X-Requested-With,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Cache ,set-cookie,cookie, dashboard_token, token
  Header always set Access-Control-Allow-Credentials true

response from the server

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Range, Origin, X-Requested-With,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Cache ,set-cookie,cookie, dashboard_token, token
Access-Control-Allow-Methods: GET,POST,OPTIONS,DELETE,PUT
Access-Control-Allow-Origin: http://localhost:4200
Access-Control-Max-Age: 1728000
Connection: Keep-Alive
Content-Length: 121
Content-Type: application/json;charset=utf-8
Date: Fri, 08 Jun 2018 14:14:24 GMT
Keep-Alive: timeout=10, max=100
Server: Apache
Set-Cookie: dashboard_token=20338a95cb18498b17de9119792cd277; path=; expires=Fri, 15-Jun-2018 14:14:24 UTC
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Anton, 2018-06-08
@m1hasik

The domains seem to be different, Angular sits on localhost:4200, and the apishka sits on api
In general, I myself recently learned about proxying Angular requests to other domains/ports - https://github.com/angular/angular-cli/blob/master..
I have this config (proxy.conf.json )

{
  "/data/**": {
    "target": "http://booking.localhost/",
    "logLevel": "debug",
    "changeOrigin": true
  },
  "/login": {
    "target": "http://booking.localhost/",
    "logLevel": "debug",
    "changeOrigin": true
  },
  "/logout": {
    "target": "http://booking.localhost/",
    "logLevel": "debug",
    "changeOrigin": true
  }
}

I run like this
the second parameter is to not clear the folder where ng build --prod puts the files, because symfony is loaded from there.

I

Ilya, 2018-06-08
@ilyapashkov02

what's in the repos?