DEV Community

Discussion on: Secure authentication in Nuxt SPA with Laravel as back-end

smzapp profile image
smzapp • Edited on

Hi @stefan

I am also encountering this problem. I tested on Postman and I can see the refresh_token into the cookie so I can get it through request()->cookie('cookie')

But on my browser, the refresh_token cookie is not existing. I already added AddQueuedCookiesToResponse in Kernel.php and tried to except the cookie in EncryptCookies but still, refresh_token is not existing.

Did I miss anything? THanks in advance.

Thread Thread
stefant123 profile image
StefanT123 Author

As the refresh_token is set to be HttpOnly cookie, you can't access it or see it in the browser cookies. The refresh_token is used only to renew the access_token when it expires.