Not return cookie at POST request #4370

TheDEKKs · 2025-09-22T20:38:47Z

TheDEKKs
Sep 22, 2025

Hello, I have an error where I am not getting cookies back when making a POST request.

My code:

package router

import (
	//"fmt"

	"fmt"
	"net/http"
	database "thedekk/webapp/internal/database"
	jsonstr "thedekk/webapp/internal/json"
	pkg "thedekk/webapp/pkg"

	//"time"

	"github.com/gin-gonic/gin"
)


func Login(r *gin.Engine) {
	r.POST("/login", login_post)
}

func login_post (c *gin.Context){
	//database.AddUser(1, "Tets", "pass")
	
	var json_login jsonstr.POST_Login
	if err := c.ShouldBindJSON(&json_login); err != nil {
		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
		c.String(500, "Error JSON Request")
		return
	}

	if err := database.AddUser(json_login.ID_Telegram, json_login.Name, json_login.Password); err == "Good" {
		c.String(200, "Good create user")
	
	} else {
		c.String(500, "Error Add User %s", err)
		return
	}

	token, err := pkg.JwtCreate(c.Param("log"), c.Param("password"))

	if err != nil {
		c.String(500, "Error Create Token %s %s", err)
		return
	}

	maxAge := 300 //14 * 86400
	
	fmt.Println(token)
	c.SetCookie("TOKEN_JWT", string(token), maxAge, "/", "localhost", false, true)
	c.JSON(http.StatusOK, gin.H{"message": "Cokie create"})
	
/*
	cookie := &http.Cookie{
		Name: "JWT_TOKEN",
		Value: token,
		Path: "/",
		Domain: "localhost",
		MaxAge: maxAge,
		HttpOnly: false,
		Secure: false,
		SameSite: http.SameSiteLaxMode,
	}

	http.SetCookie(c.Writer, cookie)

	*/

//	c.String(200, "%s, %s", cookies, err.Error())

	return
}

Return HEAD

Content-Type  text/plain; charset=utf-8
Date   Mon, 22 Sep 2025 20:15:34 GMT
Content-Length   42

But GET request witch cookie - passes

ismaildasci · 2026-01-17T19:15:48Z

ismaildasci
Jan 17, 2026

Hey! This is usually related to how youre testing, not gin itself.

1. Domain issue - try empty string:

c.SetCookie("TOKEN_JWT", token, maxAge, "/", "", false, true)

2. Frontend needs credentials:

fetch('/login', {
    method: 'POST',
    credentials: 'include',  // Important!
    body: JSON.stringify(data)
});
// or axios
axios.post('/login', data, { withCredentials: true });

3. CORS if different ports:

import "github.com/gin-contrib/cors"

config := cors.Config{
    AllowOrigins:     []string{"http://localhost:3000"},
    AllowCredentials: true,
}
r.Use(cors.New(config))

Debug tip: Check Network tab for Set-Cookie header. If present but cookie not stored, browser is rejecting due to SameSite/Secure issues.

Let me know which one fixes it!

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Not return cookie at POST request #4370

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Not return cookie at POST request #4370

Uh oh!

Uh oh!

TheDEKKs Sep 22, 2025

Replies: 1 comment

Uh oh!

ismaildasci Jan 17, 2026

TheDEKKs
Sep 22, 2025

ismaildasci
Jan 17, 2026