All geek questions in one place

Firebase cloud function will not store a cookie other than "__session"

I followed the authorized-https-endpoint sample and only added console.log to print req.cookies, the problem is that cookies are always empty {} I set cookies using client JS calls and they are saved, but for some reason Because of this, I cannot get them on the server side.

Here is the full index.js code, it is exactly the same as in the example:

 'use strict'; const functions = require('firebase-functions'); const admin = require('firebase-admin'); admin.initializeApp(functions.config().firebase); const express = require('express'); const cookieParser = require('cookie-parser')(); const cors = require('cors')({origin: true}); const app = express(); const validateFirebaseIdToken = (req, res, next) => { console.log(req.cookies); //// <----- issue this is empty {} why?? next(); }; app.use(cors); app.use(cookieParser); app.use(validateFirebaseIdToken); app.get('/hello', (req, res) => { res.send('Hello!!'); }); exports.app = functions.https.onRequest(app);

store cookies:

curl http://FUNCTION_URL/hello --cookie "__session=bar"//req.cookies = {__session: bar}

does not store:

curl http://FUNCTION_URL/hello --cookie "foo=bar"//req.cookies = {}

+11
source share
2 answers

If you use Firebase Hosting + Cloud Functions, __session is the only cookie you can save. This is necessary so that we can effectively cache content on a CDN - we __session all cookies from the request, except __session . This should be documented, but it seems not (oops!). We will update the documentation to reflect this limitation.

In addition, you need to set the Cache-Control header as private

 res.setHeader('Cache-Control', 'private');
+22
source

Is the above answer and naming convention valid? It seems I cannot pass any cookie to enable the session cookie named "__session" in the cloud function.

I installed a simple test function with proper firebase rewrite rules:

 export const test = functions.https.onRequest((request, response) => { if (request.cookies) { response.status(200).send('cookies: ${request.cookies}'); } else { response.status(200).send('no cookies'); } });

The function is called every time I access https://www.xxxcustomdomainxxx.com/test , but request.cookies is always undefined and therefore cookies are not returned.

For example, the following always returns β€œno cookies”:

 curl https://www.xxxcustomdomainxxx.com/test --cookie "__session=testing"

I get the same behavior in the browser, even after verifying that the session cookie called __session was set correctly through my authentication endpoint. Also, the link above ( https://firebase.google.com/docs/hosting/functions#using_cookies ) no longer indicates anything about cookies or naming conventions.

0
source

Source: https://habr.com/ru/post/1269529/

More articles:


All Articles