DEV Community

loading...

Discussion on: Password-based authentication with GraphQL and Passport

Collapse
jaggervlad profile image
jaggervlad

Hellow bro this library is amazing just a little question, about cors, in client side its necesary added credentials : 'include' to support session?

Collapse
jkettmann profile image
Johannes Kettmann Author

Thanks a lot! First of all, it depends on whether or not you're using cookies to store the session id. express-session as we use it in the article works with cookies. In that case, you need the credentials header.

Depending on whether or not your frontend and backend are running on the same domain you might also use same-origin instead. Have a look here for all options.