Cookie not persisting on iOS devices after app has shut down

I’m having an issue with persisting cookies in iOS on React Native/Expo using Axios.

I have a Nest.js server that is using passport to authenticate users and when a user logs in a cookie is placed on the device for all subsequent requests. I’m handling this behavior with the header credentials: 'include' on each request. This is all working fine and well on Android and even on iOS until the user closes the app and reopens it (on iOS) and the cookie sent to the server is null. At first I thought this an issue with React Native so I decided to handle the cookie myself;

Axios interceptor which retrieves and stores the cookie in local storage:

axios.interceptors.response.use(async response => {
        const cookie: Array<string> = response.headers['set-cookie'];
        if (cookie) {
            const cookieHeader: Array<string> = setCookie.splitCookiesString(cookie);
            const cookies: setCookie.Cookie[] = setCookie.parse(cookieHeader);
            await Cache.saveCookie(cookies);
        }
        return response;
    }, async (error: AxiosError) => {
        // error handle
    });

I’m using set-cookie-parser package recommended here. My Cache module just saves the value to the devices storage using AsyncStorage.

Then my request interceptor which adds the cookie to each request (if set):

axios.interceptors.request.use(async config => {
        const cookies: setCookie.Cookie[] = await Cache.getCookie();
        if (cookies) {
            const cookie: string = cookies.map(d => `${d.name}=${d.value}`).join(';');
            return  {
                ...config,
                Cookie: cookie,
            };
        }

        return config;
    });

So my solution above works on Android and on iOS until the app is closed and reopened (on iOS, just like before).

Debugging on my server I can see the cookie in every request from the client but once the app is closed and reopened the cookie value in the request is null, but I have confirmed the cookie is retrieved and set in the interceptor above with no issue. So it’s almost like something else is tampering with my Http Request after my interceptor has added the cookie to the request.

As I’ve said before this only ever happens after the app has been closed and reopened. Happy to give more context about either the application code or the server code.

Thanks in advance.

Go to Source
Author: Harry Bendix-Lewis