I have created a Node.js RESTful API with Google OAuth authentication using PassportJS and a React frontend. Everything works fine on localhost, but after deploying to Firebase Cloud Functions, cookies are stored and sent by the browser, yet login sessions are not working on the backend.
js1const express = require('express'); 2const cookieSession = require("cookie-session") 3 4const app = express(); 5 6app.use(cookieSession({ 7 name: 'MyWebsiteName', 8 keys: [process.env.COOKIE_SESSION_KEY], 9 maxAge: 24 * 60, 10 secure: process.env.NODE_ENV === 'production', 11 sameSite: 'none', 12}));
Firebase Cloud functions are cached by default, but still you can use cookies with express-session. the specified name __session; only this is excluded from the Firebase cache, but in your case, this cookie session package uses two cookies.
For example, your main cookie is __session and one more signed cookie, like __session. sig is also used to prevent tampering.
So you cannot use cookie-session in Firebase cloud functions; alternatively, you can use the Google cloud app engine for your Node.js deployment.
and also firebase cloud functions are google cloud app engine both use proxy to map you node server but by default express js, won't trust any proxy, so you have to trust the first proxy by using this line top of you app.js file
js1app.set('trust proxy', 1);