JWT Token not set on deployment

Hey all.

For a school project, my team and I have ran into a problem regarding JWT and setting the cookie on a deployed version of our code.

router.post("/api/auth/login", async (req, res) => {
    const user = req.body
    const findUserByEmail = await db.users.find({email: user.email}).toArray()
    try {
        const hashedPassword = findUserByEmail[0].password
        if (await bcrypt.compare(user.password, hashedPassword)) {
            delete findUserByEmail[0].password
            const accessToken = jwt.sign(findUserByEmail[0], jwtSecret, {expiresIn: "120m"});
            res.cookie('jwt', accessToken, {httpOnly: true, secure: true, sameSite: "strict"});
            res.status(200).send({data: "Success"})
    } catch (error) {
        res.status(401).send({message: `login failed. \nError: ${error.message}`})

We have above code to set a cookie on the response, with a signed JWT. It all works running locally, our server, running on localhost sends the response with the given signed JWT cookie. And our frontend application, running Sveltekit, reads the cookie. No issue.

However, we have deployed our code to Render.com, and from what I can see the server sends a “Set-Cookie: jwt=zyx…” header. However the cookies does not get set.

My theory is that it might have something to do with the fact that our server now runs on https, rather than http? Might this have some effect? Otherwise i’m lost for ideas, and solutions.

Thank you in advance.


It seems that the issue you’re facing may not be specific to Render, and general code debugging falls outside the scope of our support.

However, if you believe that the problem is related to Render, you can open a support ticket by accessing the “Contact Support” form in the dashboard. Please provide relevant details such as URLs, logs/error messages, reproduction steps, screenshots, or any other information that can help us understand the problem you’re encountering. We will do our best to offer any possible guidance or assistance.

Render Support, UTC+3

Hi Jeremy. I don’t think its due to Render, my issue. However it’s only after I’ve deployed to Render that this happens. I suspect it might be something to do with the fact that Render is HTTPS while localhost is HTTP

Were you able to solve it?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.