Return cookie from API request

Hi,
i have create a little app with angular that need of login.

I have create with CI4 an api system with JWT authentication. All work correcrly  .

Oviusly i have a problem.I'm try to save a cookie httponly after login into app, oviusly the cookie is created on the server but when i start the ajax call to the server the cookie don't return in browser.

This is my portion of code now:

............

PHP Code:

$token = JWT::encode($payload, $key, '');

        $res = [
            'message' => 'Login Succesful',
            'token' => $token,
        ];

        return $this->respond($res, 200); 


The login work fine and in my app arrive all information,particularly the token. Now i would to save the token in a cookie httponly.

I'm tring this code:

PHP Code:

$token = JWT::encode($payload, $key, 'HS256');

        $response = Services::response();

        $cookie = new Cookie(
            'remember_token',
            $token,
            [
                'max-age' => 3600 * 2, // Expires in 2 hours
            ]
        );

        $response->setCookie($cookie);

        $res = [
            'message' => 'Login Succesful',
            'token' => $token,
        ];

        return $this->respond($res, 200); 


As you can see i try to create a cookie but this don't return in my app.

Where i'm wrong ?

Thanks for help.

Your code seems good.

> when i start the ajax call to the server the cookie don't return in browser.

What do you mean?
The cookie is sent from your browser to the server.
It does not return to your browser.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

If you want to see the JWT key then you need to load open the cookie to get it.

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )

Hi,
thanks for help.
Probabily is my fault.......maybe i don't understand the correct process. I have read that is more correct in an angular application save in a cookie http only the jwt key so you can resend it to server when you navigate between pages that need the authorization.

If this is correct i need to create a cookie that via JS i can't create.....so the server create the cookie at the login and return it to my application.

It's correct or i'm on a bad way ?

In this moment i can't return the cookie from server, i think. After login (so the execution of the code before posted) in my application i see only "message" and status of response (200) but, for example, under ispector > application > cookie i don't see the cookie created.

I repeate probabily it's my fault maybe i don't understand something.

Thanks for any other help.

It seems your code sends a cookie to your browser.
Check the HTTP header in your browser's developer tools and see if the cookie header is sent, and check the cookie value is correct.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper

Ok,
i can see the set-cookie in header of the page but in ispector> application > cookie nothing is save.

Why ?

Something wrong with the cookie value.
So the browser throws it away.

ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper