hapijs/cookie

Troubleshooting cookieAuth.clear() issues.

Closed this issue · 3 comments

Greetings,

We have a website that is using request.cookieAuth.clear() to clear out the current session for logging out (just like the example). It's a pretty simple setup:

exports.logout = function(request, reply) {

    request.cookieAuth.clear();
    return reply.redirect('/signin');

};

// Route entry for the logout handler
{
    method: 'GET',
    path: '/dashboard/logout',
    config: {
        id: 'dashboard_logout',
        handler: Pages.logout,
        auth: {
            strategy: 'session',
            mode: 'try'
        }
    }
}

Nothing too strange here.

This works just fine locally, but it doesn't work at all on our actual servers, staging or whatever. I suspect this is because the cookie is generated by our API (on one server) and being cleared by the client server (a different server).

The issue is, I have no real way to tell what is going on. There is no feedback at all from cookieAuth.clear() - whether or not a cookie even exists in the first place, an invalid cookie, etc. It just always returns "undefined".

What would be the best way to troubleshoot this issue? And would the proper way to fix the above-mentioned scenario be to have the same server that generated the cookie return the .clear()? Is there a way to have a different server clear it, or does that break CORS?

Assuming that the cookie configuration is identical on both servers, there shouldn't be a problem with issuing and clearing the cookie on different servers.

@chrisburrus You may need to use the Domain property to use a common domain between the servers. I'm assuming that the servers are two subdomains in the same domain.
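One way to troubleshoot the situation discussed above, as an added example that is not part of the original thread or the plugin's code: capture the Set-Cookie header from the server that issues the session and the one from the logout response, then compare the name, domain and path a browser would store them under. The hostnames, paths and cookie values are constructed, and the function names are hypothetical.

```javascript
// Parse one Set-Cookie header value into the fields that identify a cookie.
function parseSetCookie(header) {
    const [pair, ...attrs] = header.split(';').map((s) => s.trim());
    const eq = pair.indexOf('=');
    const cookie = { name: pair.slice(0, eq), domain: null, path: null, expired: false };
    for (const attr of attrs) {
        const i = attr.indexOf('=');
        const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
        const val = i === -1 ? '' : attr.slice(i + 1);
        if (key === 'domain') cookie.domain = val.replace(/^\./, '').toLowerCase();
        if (key === 'path') cookie.path = val;
        if (key === 'max-age') cookie.expired = cookie.expired || Number(val) <= 0;
        if (key === 'expires') cookie.expired = cookie.expired || Date.parse(val) <= Date.now();
    }
    return cookie;
}

// RFC 6265 default-path: the "directory" of the request path, or "/".
function defaultPath(requestPath) {
    const i = requestPath.lastIndexOf('/');
    return i <= 0 ? '/' : requestPath.slice(0, i);
}

// Identity the browser stores the cookie under. Without a Domain attribute
// the cookie is bound to the exact host that sent it.
function storageKey({ header, host, path }) {
    const c = parseSetCookie(header);
    return {
        name: c.name,
        domain: c.domain || host.toLowerCase(),
        path: c.path && c.path.startsWith('/') ? c.path : defaultPath(path),
        expired: c.expired
    };
}

// Reasons the clearing response would NOT delete the issued cookie ([] = it would).
function whyClearFails(issued, clearing) {
    const a = storageKey(issued);
    const b = storageKey(clearing);
    const reasons = [];
    if (!b.expired) reasons.push('clearing header does not expire the cookie');
    for (const field of ['name', 'domain', 'path']) {
        if (a[field] !== b[field]) reasons.push(`${field}: issued "${a[field]}" vs cleared "${b[field]}"`);
    }
    return reasons;
}

// Constructed sample: the API host issues the cookie, the web host clears it, no Domain attribute.
const issued = { header: 'sid=abc123; HttpOnly; Path=/', host: 'api.example.com', path: '/login' };
const cleared = { header: 'sid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Path=/', host: 'www.example.com', path: '/dashboard/logout' };
console.log(whyClearFails(issued, cleared));
```

An empty array means the logout response targets the same stored cookie; a `domain` entry is the case the reply above addresses with a shared Domain setting.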
