>What is the issue about:
I am unable to delete the cookie stored in my browser.
Although, I have tested the cookie deletion functionality in POSTMAN, and it works fine there.
>Things I have done to delete the cookie:
i) Send the cookie with random value and past expiry time
const cookieOptions={
expires: new Date(Date.now()-10*1000), //setting the expiry date to past
httpOnly:true,
};
res.cookie("jwt","null",cookieOptions);
Here is the logout function for the logout route
//authController.js
exports.logout=async(req,res)=>{
try{
const cookieOptions={
expires: new Date(Date.now()-10*1000),
httpOnly:true,
};
console.log("Logging out");
//res.clearCookie("jwt"); //Have done this also
res.cookie("jwt","null",cookieOptions);
console.log("Deleted");
res.status(200).json({
status:"success",
message:"Cookie has been deleted"
});
}catch(err){
console.log(err);
res.status(400).json({
status:"failed",
message: err.message
})
}
}
//userRoutes.js
router.route("/logout").get(authController.logout);
module.exports=router;
//app.js
const userRouter=require("./routes/userRouter")
app.use("/api/v1/users",userRouter);
Here is the login function through which user receives a cookie in browser stored as “jwt”
//authController.js
exports.login=async(req,res)=>{
try{
const {email,password}=req.body;
const user=await User.findOne({
email:email
}).select("+password");
if(!user)
throw `Please enter a valid email or password`;
const correct=await user.compareNormalPwithHashedP(password,user.password);
if(!correct)
throw `Please provide valid email or password`;
console.log(user);
const token= jwt.sign({id:user._id,name:user.name},process.env.JWT_SECRET,{expiresIn:process.env.JWT_EXPIRES});
const cookieOptions={
expires:new Date(Date.now()+process.env.COOKIE_EXPIRES*24*60*60*1000),
httpOnly:true
}
res.cookie("jwt",token,cookieOptions);
res.status(200).json({
status:"success",
message:"You have logged in successfully",
data:{
user,
}
})
}catch(err){
console.log(err);
res.status(400).json({
status:"failed",
message: err.message
})
}
}
ii) tried to await the res.cookie await res.cookie("jwt","null",cookieOptions);
iii) tried all sorts of experimentation with the expires such as:
i)const cookieOptions={
expires: new Date(0),
httpOnly:true,
}
ii)const cookieOptions={
expires: new Date(Date.now()),
httpOnly:true,
}
iii)const cookieOptions={
expires: new Date(Date.now()+10*1000), //EVEN ADDING 10s EXPIRY TIME
httpOnly:true,
}
Still, that cookie sits there like a DUMB KID in the browser and is not moving at all or even modifying itself with the updated value and expiry time!!!
Here is my Frontend code in React from where its interacting with the Express server:
<div className="login-dropdown" onClick={async e=>{
dispatch({type:"logout"});
await axios.get("http://localhost:4001/api/v1/users/logout");
navigation("/");
window.location.reload();
}}>
<div style={{display:"flex", marginLeft:"10px",position:"relative",top:"30%"}}>
<img style={{width:"20px"}} src={logout_logo}/>
<p style={{marginLeft:"20px"}}>Logout</p>
</div>
</div>
Is cookie deletion also not working in POSTMAN??
It is working PERFECTLY FINE when I am testing this in POSTMAN. No worries whatsoever. However, it is just not working in the browser. I have to manually delete the cookie from the browser for the logout functionality to actually work
PLEASE help me out as I am almost stuck for 5 hours straight with no solutions coming to the rescue from similar stackoverflow question with answers and in the internet…nothing is resolving this issue.
Please suggest what is going wrong in this piece of program.