Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

OAuth SvelteKit SSR tutorial sameSite cookies in header

  • 0
  • Auth
  • Web
  • Cloud
View on Discord
syed
19 May, 2024, 11:28

Hi all, not a question but just want to share my experience. I followed the SSR OAuth tutorial on here: https://appwrite.io/docs/tutorials/sveltekit-ssr-auth/step-7

However, when setting cookies; I had to use sameSite: "lax" to make it work upon redirect. Otherwise, if using sameSite: "strict , when return from Google/Github etc, the hooks.server.js called with no user in locals, but have to manual refresh to make it work to call createSessionClient.

So if anyone following that tutorial and wondering why on return to /account, it doesn't show any user details or locals.user is empty, or return 401, then change sameSite: "strict" to sameSite: "lax".

At the same time, if I'm doing something wrong here, let me know!

TL;DR
Developers discussing OAuth SvelteKit SSR tutorial experienced issues with cookies not working upon redirect. Changing `sameSite` from `"strict"` to `"lax"` fixed the problem of `locals.user` being empty on return to `/account`.
Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more