Chrome and Edge Not Getting Session Tokens, but Firefox is in Angular Program
-
Hello all,
First time I'm posting here, and it's a bit of a crippling issue. Not sure if it's something I did or not, as I followed the exact directions given by FusionAuth for setting up login functionality.
In Firefox, the session tokens are being obtained and I'm able to authenticate users perfectly fine. However, in Chrome and Edge, it's sending the user through an infinite loop of trying to authenticate. I believe it's happening here in the "user.js" file:
const express = require('express'); const router = express.Router(); const request = require('request'); const config = require('../config'); router.get('/', (req, res) => { // token in session -> get user data and send it back to the Angular app if (req.session.token) { request( { method: 'GET', uri: `https://site.domain.com:${config.fusionAuthPort}/oauth2/userinfo`, headers: { 'Authorization': 'Bearer ' + req.session.token } }, // callback (error, response, body) => { let userInfoResponse = JSON.parse(body); // valid token -> get more user data and send it back to the Angular app request( // GET request to /registration endpoint { method: 'GET', uri: `https://site.domain.com:${config.fusionAuthPort}/api/user/registration/${userInfoResponse.sub}/${config.applicationID}`, json: true, headers: { 'Authorization': config.apiKey } }, // callback (error, response, body) => { res.send( { ...userInfoResponse, ...body // body is results from the registration endpoint:w } ); } ); } ); } // no token -> send nothing else { res.send({}); } }); module.exports = router;If my own troubleshooting is correct, it's not obtaining the information properly, so it's sending a blank JSON back to the user, which my site then thinks means that the user is invalidated. It then sends the user back to the login, only to be validated, then it just continuously sends them through the loop again. Just to reiterate, it DOES WORK on Firefox, just not the Chromium based browsers.
Thank you for any help that you can give. FWIW, I have the site completely SSL signed and using the HTTPS protocol, except for the Express server itself.
-
Hmmm. So which line is failing, according to your troubleshooting?
-
@itteam
I just want to say that It's difficult to diagnose the issue without more information or seeing the code in its entirety. However, based on the information you provided, one possibility could be related to how the browser handles cookies.It's possible that the browser is blocking cookies from being set by the server, and therefore, the session is not being maintained across requests. Since the session token is stored in the session, this would result in the infinite loop of trying to authenticate.
To check if this is the issue, you can try disabling any cookie-blocking extensions or settings in the affected browsers and see if the issue persists.
Another possibility could be related to how the server is handling requests. It's possible that the server is not correctly handling the request headers in Chrome and Edge, which is causing the authentication to fail.
To troubleshoot this, you can use the browser's developer tools to inspect the request and response headers and compare them to what is expected. You can also check the server logs to see if there are any errors or anomalies that may be causing the issue.
Lastly, it's also possible that there is an issue with the FusionAuth configuration or integration with your server. If you've ruled out the above possibilities, you may want to review the FusionAuth documentation and make sure that your setup is correct.
I hope this helps you get started with troubleshooting the issue. Good luck!
