[ DAY 141 ] Where are my cookies? I’m hungry

“Once you had your JWT token saved to the browser’s cookie, your requests to the server will automatically include that cookie in the headers.”

So I really believed the only thing I needed to do, which apparently sounds really challenging, was attaching my token to the cookie, and the browser would take care of the rest.

But I have spent hours, in hope and also in frustration, trying to understand WHY all the requests that I wrote – getAll() to retrieve database or insertDish() to add dish to the database – just don’t include my cookie. Thus, I, or my server to be exact, cannot validate if the request is valid and authenticate the user trying to get around the web.

So there, that’s on my TODO from now until tomorrow day’s end. I have learned quite a lot about requests and responses (which is 100% improvement from myself last week, to be frank). I realized that I know nothing about web security, and I’m exposing my code to threats. Yet, that doesn’t matter. I need to create my child first, and then I’ll think about protecting it. Now, since my child is still in the womb, the only person I need to protect is myself.

Published by Thi Le


Leave a comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: