Samesite cookie error on localhost with auth0
I am using auth0 to implement authentication in my react app. I'm using the useAuth0() hook as follows,
const { isAuthenticated, isLoading } = useAuth0();
I have also implemented login using
const { loginWithRedirect } = useAuth0();
.
.
.
<button onClick={() => loginWithRedirect()} />
When I press on the button, it redirects to auth0, and I am able to login. After login, it redirects back to the app, and shows the logged in routes without any issue. The problem however is when I make any change in the app, it reloads, and I am presented with the login page again, although I was logged in. In the Chrome issues tab it shows this message.
I'm not able to figure out why it does not work on refresh, but why it works on redirect after login, and I have been trying to find a solution since yesterday, but no luck so far. I came across Find the cookie that causes Chrome's SameSite warning which is the closest question I could find, but it doesn't seem to give a proper answer on how to solve it.
What worked for me in the end was an answer on another SO question.
Here is the content,
The issue was that Brave and Safari both use Intelligent Tracking Prevention (ITP), which was preventing the silent authentication from working.
The solution that worked for me was to enable rotating refresh tokens (via the Auth0 dashboard) and providing additional props to the Auth0 provider.
The two new props to add are: useRefreshTokens={true} and cacheLocation="localstorage".
<Auth0Provider
domain={process.env.REACT_APP_AUTH0_DOMAIN}
clientId={process.env.REACT_APP_AUTH0_CLIENT_ID}
redirectUri={window.location.origin}
onRedirectCallback={onRedirectCallback}
useRefreshTokens={true}
cacheLocation="localstorage"
>
{children}
</Auth0Provider>
Here are the official docs to learn more about rotating refresh tokens: https://auth0.com/docs/tokens/refresh-tokens
And this was the github issue which cleared up the issue https://github.com/auth0/auth0-react/issues/101
- Why, exactly, do we need React.forwardRef?
- Checkbox cannot change state when updated from onBlur event
- Why VS Code contains emphasized items but no error?
- How to update data that React Query has already fetched so that I do not have to refetch all the data?
- Getting dates from google analytics API
- Is there a way to validate and allow only https url's using .isUri i.e. without using Regex in JavaScript?
- Invalid options object. Dev Server has been initialized using an options object that does not match the API schema
- React form is hitting onChange but existing value is not changing
- Cannot find module 'react-dom/client' from 'node_modules/@testing-library/react/dist/pure.js'
- page not found - react/vite app not routing correctly on github pages
- Blank page when deploying a react app to github pages and vite
- Set element width based on a string that is not in the element
- Should I use ref or findDOMNode to get react root dom node of an element?
- Lodash debounce with React Input
- React-Redux: Should all component states be kept in Redux Store
- Running google analytics script on Remix.run
- How to redirect if the param is not present Next.JS
- Cannot render child object in React JS table
- What is the proper way to do global state?
- new NativeEventEmitter()` was called with a non-null argument without the required `addListener` method
- Infer a TypeScript type based on functional React component?
- mui cannot override size style to Rating component
- Module not found: Error: Can't resolve '@mui/material/Unstable_Grid2'
- How to add click action for push notification in React native
- How to make a material-ui Modal scrollable
- Data is not rendering from state in Reactjs
- How to 'refresh token' using RTK Query
- How to apply custom animation effect @keyframes in Material UI?
- Electron preload functions not recognized after browser refresh
- Webpack & Typescript image import