It's my cors headers:r := chi.New Router()
r.Use(cors.Handler(cors.Options{ AllowedOrigins: []string{"https://SECRET.COM", "http://SECRET.COM"}, AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"}, Allowed Headers: []string{"*"}, Exposed Headers: []string{"*"}, Allow Credentials: true, Max Age: 600, // Maximum value not ignored by any of major browsers}))It's my handler:unc (h *Handler) signIn(w http.ResponseWriter, r *http.Request) {var input signInInput
err := json.NewDecoder(r.Body).Decode(&input)if err != nil { NewErrorResponse(w, http.StatusBadRequest, err.Error()) return}token, err := h.Service.Authorization.GenerateToken(input.Email, input.Password)if err != nil { NewErrorResponse(w, http.StatusBadRequest, err.Error()) return}http.SetCookie(w, &http.Cookie{ Name: JwtTokenName, Domain: "SECRET.COM", Value: token, HttpOnly: false, // true - for prod; now it's false for test Expires: time.Now().Add(6 * time.Hour), // MaxAge: 0, // TEST! WARNING Path: "/",})w.WriteHeader(http.StatusOK)logger.Debug(fmt.Sprintf("User is logged in with email: %s. Token: %s", input.Email, token))}
But it's doesn't working.
I tried different options of body function SetCookie, such as:http.SetCookie(w, &http.Cookie{Name: JwtTokenName,Domain: "SECRET.COM",Value: token,HttpOnly: false, // true - for prod; now it's false for testExpires: time.Now().Add(6 * time.Hour),Path: "/",})
http.SetCookie(w, &http.Cookie{Name: JwtTokenName,Value: token,HttpOnly: false,Expires: time.Now().Add(6 * time.Hour),Path: "/",})
http.SetCookie(w, &http.Cookie{Name: JwtTokenName,Domain: "SECRET.COM",Value: token,HttpOnly: false,MaxAge: 0,Path: "/",})
http.SetCookie(w, &http.Cookie{Name: JwtTokenName,Domain: "SECRET.COM",Value: token,Path: "/",})
but it's doesn't work. Please help me :)
P.S. it's not about time (I set it with a margin and taking into account the time zone and time difference on the server)