I have developed an application using Vite + React for the client side and Express.js for the server side. The login functionality works seamlessly on computers and Android devices. However, I encountered an issue when attempting to log in from Safari on iOS. After thorough testing, it appears that the token cookie is not being set when verifying the login status (only in iOS).
After verifying username and password I do this
const token = createAccessToken(user);
res.cookie("token", token, {
maxAge: 315360000,
sameSite: "None",
secure: true,
});
return res.status(200).json(user);
Then to validate the token on the server I do this
validateToken(token)
.then((user) => {
return res.status(200).json(user);
})
.catch(() => {
return res.status(401).json({ message: "Token invalido o expirado" });
});
Finally, my CORS options
const corsOptions = {
origin: [
"http://localhost:5173",
"https://some_url.vercel.app",
"http://192.mi_ip:19006",
],
methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
credentials: true,
optionsSuccessStatus: 204,
};
Server consistently returns a 401 error, and after extensive testing, it’s evident that the token is not present. It’s important to note that the application works flawlessly on other platforms.
The client is hosted on Vercel, and the server is on Fly.io. I’m specifically encountering this issue on iOS (Safari).
Any insights or suggestions on why the token cookie might not be setting on iOS would be greatly appreciated. Thank you!