DEV Community


Discussion on: Password-based authentication with GraphQL and Passport

jaggervlad profile image

Hellow bro this library is amazing just a little question, about cors, in client side its necesary added credentials : 'include' to support session?

jkettmann profile image
Johannes Kettmann Author

Thanks a lot! First of all, it depends on whether or not you're using cookies to store the session id. express-session as we use it in the article works with cookies. In that case, you need the credentials header.

Depending on whether or not your frontend and backend are running on the same domain you might also use same-origin instead. Have a look here for all options.