KeystoneJS 6: Authenticating External Frontend Users via Custom Login Mutation

When using the KeystoneJS 6 login mutation (‘initiateLogin’) from an external UI, a token and cookie are set but the session remains empty. Is an extra header needed?

mutation initiateLogin($userEmail: String!, $userPassword: String!) {
  initiateLogin(email: $userEmail, password: $userPassword) {
    ... on LoginSuccess { authToken user { email } }
    ... on LoginFailure { errorMsg }
  }
}

Based on my experience with KeystoneJS-6, the issue of having a token and cookie without a session usually points to settings within Keystone’s session configuration rather than the need for an extra header. In my case, reviewing the cookie and session middleware setup helped identify that the session parameters were not correctly aligned between the client and server. Ensuring that Keystone’s session settings, such as the cookie secret and other relevant options, are properly set up allowed the session to persist correctly. It may be beneficial to review these settings in your configuration to resolve this issue.

Hey, check if your session settings match between client & server. I had a similar issue until I reconfigured my cookies. No extra header is needed. Hope this helps.

Hey there, did you check if your cookie domain and path are matching up? I’ve run into similar issues. Maybe the external call isn’t sending credentials as expected. What did you end up doing for your session config?