Cookie Auth
Unanswered
Dwarf Crocodile posted this in #help-forum
Dwarf CrocodileOP
Hello I am currently creating a nextjs and nestjs authentication boilerplate with cookies and a JWT system. I've reached a point where everything works from postman but not from my Nextjs client. When I try to call my “refresh” request to refresh my access token it doesn't send my HTTPOnly cookies with it. I've set up my CORS on my Nestjs api and everything works on Postman...
That's why I'm coming to you today, if you can give me any help I'd love it.
My middleware :
the res.headers log response : Headers { }
That's why I'm coming to you today, if you can give me any help I'd love it.
My middleware :
import { NextRequest, NextResponse } from "next/server";
import { jwtVerify } from "jose";
import { BACKEND_URL, JWT_SECRET } from "./lib/constants";
export async function middleware(req: NextRequest) {
const accessToken = req.cookies.get("access_token")?.value;
if (!accessToken || typeof accessToken !== "string") {
console.error("Token non trouvé ou invalide");
return NextResponse.next();
}
try {
const { payload } = await jwtVerify(
accessToken,
new TextEncoder().encode(JWT_SECRET)
);
console.log("Token validé:", payload);
return NextResponse.next();
} catch (error) {
try {
const res = await fetch(BACKEND_URL + "/auth/refresh", {
method: "POST",
credentials: "include",
});
console.log(res.headers);
} catch (err) {
console.log(err);
}
return NextResponse.redirect(new URL("/login", req.url));
}
}
export const config = {
matcher: ["/"],
};the res.headers log response : Headers { }