Categories
express express-session javascript node.js

Where is the express-session cookie hidden?

My express-session is working, I tested it with a very short cookie max-age (10 secs) and it works as intended:

app.use(session({
secret: 'xxx',
resave: false,
saveUninitialized: true,
cookie: { secure: true, maxAge: 10000 }
}));

The strange thing is, that I can’t find the cookie anywhere in my Chrome Developer Tools. Where is the cookie set by express-session hidden?

update #2: See my own answer if you want to know where to see the cookie if you are sending an ajax request to an express server on another domain.

update – the session management on my express server:

app.post('/verify', function(req, res){
let out = [];
if(!req.session.userId){
if(typeof req.body.token !== 'undefined'){
admin.auth().verifyIdToken(req.body.token)
.then(function(decodedToken) {
let uid = decodedToken.uid;
if(!req.session.userId){
req.session.userId = uid;
}
res.send(uid);
// ...
}).catch(function(error) {
// Handle error
res.send(error);
});
}else{
res.send('no token received');
}
}else{
res.send('already logged in by session with uid: ' + req.session.userId + ' | session id: ' + req.session.id);
}
});

and that’s how the server is “started”:

app.listen(port, function () {
console.log('Example app listening on port ' + port + '!');
});

the problem is that the session(s) work, but I am not able to see the cookie(s):

enter image description here