httpOnly cookie in react-native for JWT refresh-token

3
votes

I have an express-node server . I send JWT access token in response and also a JWT refresh token via httpOnly cookie only . When using it in browser, that refresh token is automatically sent with every subsequent request.

But when I tried to use that in react native project , the httpOnly cookie is not saved automatically in the app , nor the server get any cookie with api request . I think there is no place where httpOnly cookie can be saved in react-native. Some advice me to save it in AsyncStorage , but as it is httpOnly cookie , I can not read it by javascript, so can not save it to any place.

Do react native do not save or handle http-only cookie ??

1
react-nativejwtaccess-tokenrefresh-tokencookie-httponly
do you find a solution ? thankx - AlainIb
yes and no. let me clarify. react-native can not handle httpOnly cookie. so what you can do you should not send the httpOnly cookie but general cookie. now if you have a web application and a react native application . you have to make 2 different API endpoints for both. for the web application: you will send httpOnly cookie for react-native application: you will send a general non-httpOnly cookie if you found any better solution, please let me know. - subhadip pahari

1 Answers

0
votes

Today, the library seems to manage it through the cookie manager of android and ios

Like this : https://openbase.io/js/@react-native-community/cookies/documentation