diff --git a/client/src/lib/auth.tsx b/client/src/lib/auth.tsx
index 682dd75..1ea6799 100644
--- a/client/src/lib/auth.tsx
+++ b/client/src/lib/auth.tsx
@@ -24,7 +24,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
 const { data: session, isLoading } = useQuery({
 queryKey: ["session"],
 queryFn: async () => {
- const res = await fetch("/api/auth/session");
+ const res = await fetch("/api/auth/session", { credentials: "include" });
 return res.json();
 },
 });
@@ -34,6 +34,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
 const res = await fetch("/api/auth/login", {
 method: "POST",
 headers: { "Content-Type": "application/json" },
+ credentials: "include",
 body: JSON.stringify({ username, password }),
 });
 if (!res.ok) {
@@ -49,7 +50,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
 const logoutMutation = useMutation({
 mutationFn: async () => {
- await fetch("/api/auth/logout", { method: "POST" });
+ await fetch("/api/auth/logout", { method: "POST", credentials: "include" });
 },
 onSuccess: () => {
 queryClient.invalidateQueries({ queryKey: ["session"] });
diff --git a/server/routes.ts b/server/routes.ts
index 0a62dee..e4118cc 100644
--- a/server/routes.ts
+++ b/server/routes.ts
@@ -98,14 +98,20 @@ export async function registerRoutes(
 req.session.isAdmin = user.is_admin ?? false;
 req.session.token = token;
- res.json({
- success: true,
- token,
- user: {
- id: user.id,
- username: user.username,
- isAdmin: user.is_admin
- }
+ req.session.save((saveErr) => {
+ if (saveErr) {
+ return res.status(500).json({ error: "Session save error" });
+ }
+
+ res.json({
+ success: true,
+ token,
+ user: {
+ id: user.id,
+ username: user.username,
+ isAdmin: user.is_admin
+ }
+ });
 });
 });
 } catch (err: any) {
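Review bot: `credentials: "include"` on `fetch("/api/auth/session", …)` changes nothing for a relative, same-origin URL in current browsers, because the Fetch default `same-origin` already attaches the session cookie; the same holds for the login and logout calls in the next two hunks. The option only takes effect if these requests become cross-origin. In that case the server must answer with `Access-Control-Allow-Credentials: true` and an explicit allowed origin, and the cookie-authenticated POSTs need CSRF protection (a `SameSite` cookie attribute or a token), none of which is visible in this diff. I would either drop the option or state the intent next to it, e.g. `// cross-origin API: needs credentialed CORS and CSRF protection on the server`. AuthProvider's body starts and ends outside the hunk.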
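Review bot: The logout `mutationFn` discards the response, so a failed `POST /api/auth/logout` still resolves and runs `onSuccess`, and a server session that was not destroyed produces no error on the client. Check the status as the login mutation does with `res.ok`: `const res = await fetch("/api/auth/logout", { method: "POST", credentials: "include" });` followed by `if (!res.ok) throw new Error("Logout failed");`. The `onSuccess` handler continues outside the hunk.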
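Review bot: `saveErr` is dropped inside the new `req.session.save` callback, so a failing session store yields a 500 with no server-side trace; log it before responding, e.g. `console.error("session save failed", saveErr);`, and keep the generic message for the client. The callback enclosing these lines starts outside the hunk. Assuming this is express-session, if that callback is not already `req.session.regenerate(...)`, the session id should be rotated before `isAdmin` and `token` are written, otherwise a session id issued before login stays valid after authentication (session fixation). `token` is stored in the session and also returned in the JSON body; if the cookie is the only credential the client needs, exposing the token to page script is presumably unnecessary.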