Alright, so I have come across a rather weird problem.
I am creating a login instance for users.
When I post the login form without fetch() it works. My browser (both Firefox and Chrome) sets the cookie properly and I can be "authenticated".
However, when I send the data via fetch() it does not setcookie() in the backend.
NOTE: The assumption is that the credentials are correct.
This is my PHP login script
$user = htmlentities($_POST['username'], ENT_QUOTES);
$pass = htmlentities($_POST['password'], ENT_QUOTES);
$remember = isset($_POST['rememberme']) ? true : false;
$login = $PHPAuth['auth']->login($user, $pass, $remember);
/**
* $PHPAuth == [
* 'config' => PHPAuthConfig(),
* 'auth' => PHPAuth()
*/
if($login['error']) {
echo json_encode($login);
} else {
// create new cookie
setcookie(
$PHPAuth['config']->cookie_name,
$login['hash'],
$login['expire'],
'/', # path
'localhost', # domain
false, # HTTPS
true # HTTP-ONLY
);
echo json_encode($login);
}
The fetch() script is at its bare minimum, only requesting body and method. I removed any extra headers to see if it would help. It didn't:
function postForm(url, data) {
return fetch(url, {
body: data,
method: 'post'
})
.then(response => response.json());
}
FOR REFERENCE: I am using this PHPAuth library.
