Cookies set in Webinspector but not in code

Answered

Asari posted this in #help-forum

AsariOP

2024-05-01T00:55:32.786Z

When I try to access my cookies in an api route using next/headers cookies() function I just get back undefined, even though the cookie is defined in my browser

Answered by Asari

issue was the sameSite: strict setting

View full answer

3 Replies

Jboncz

2024-05-01T01:29:47.514Z

Can you share your code @Asari

AsariOP

2024-05-01T08:40:35.056Z

Sure thing:

"use client";

import { useRouter } from "next/navigation";
import { signIn } from "./signIn.action";

export default function Home() {
  const router = useRouter();
  return (
    <div className="flex flex-col text-black bg-white shadow rounded h-[300px] w-[150px]">
      <button
        onClick={async () => {
          const { url } = await signIn();
          router.push(url);
        }}
        type="button"
      >
        Sign In with Google
      </button>
    </div>
  );
}

"use server";
import { google } from "@rapidnotes/auth";
import { generateCodeVerifier, generateState } from "arctic";
import { cookies } from "next/headers";

export const signIn = async () => {
  const state = generateState();
  const codeVerifier = generateCodeVerifier();

  cookies().set("state", state, {
    httpOnly: true,
    secure: process.env.NODE_ENV === "production",
    sameSite: "strict",
  });

  cookies().set("codeVerifier", codeVerifier, {
    httpOnly: true,
    secure: process.env.NODE_ENV === "production",
    sameSite: "strict",
  });

  const authUrl = await google.createAuthorizationURL(state, codeVerifier);

  return {
    url: authUrl.toString(),
  }
};

On the server I just do

cookies().get('state')?.value
cookies().get('codeVerifier')?.value

AsariOP

2024-05-01T08:47:09.770Z

issue was the sameSite: strict setting

Answer